Adam Greenfield created WW-4741:
-----------------------------------
Summary: Http Sessions forcefully created for all requests using
I18nInterceptor
Key: WW-4741
URL: https://issues.apache.org/jira/browse/WW-4741
Project: Struts 2
Issue Type: Bug
Affects Versions: 2.5.10
Reporter: Adam Greenfield
Changes made in WW-4730 for store and read functions cause an httpSession to be
created for every request that uses I18nInterceptor.
Current code checks for
{noformat}Map<String, Object> session =
invocation.getInvocationContext().getSession(){noformat}
to be null and then calls
{noformat}ServletActionContext.getRequest().getSession(){noformat}
(notice how the second one references the HttpServletRequest. The
HttpServletRequest Session and and the InvocationContext session are different.
The request's session can be null, even if the InvocationContext's session is
not).
Calling .getSession() in this manner forcefully creates a session.
An appropriate check here might be
{noformat}HttpSession httpSession =
ServletActionContext.getRequest().getSession(false);
if(httpSession != null) {
... // get sessionId and synchronize on it
}
{noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
