Hi Alex, you are probably right that clearState() is missing there. regards, toby
On Wed, May 13, 2015 at 3:20 AM, Alex Parvulescu <[email protected]> wrote: > Hi, > > Following an investigation into the compaction&cleanup issues, we (Michael > Duerig and I) noticed some SegmentNotFoundExceptions coming from the login > calls. > > Blissfully unaware of how this code is actually supposed to work, I > stumbled upon a what looks like a missing call to #clearState() from within > the #commit method of the ExternalLoginModule [1]. > I'm only assuming this because other implementations of the > AbstractLoginModule call #clearState when the login attempt did not go > through [2]. > > What I assume happens next is the old session (probably the initial one > created on the very first login call) could be reused throughout the > module's lifetime, which would in the end result in the SNFEs post > compaction. > > Could someone clarify this? > > thanks, > alex > > > [1] > https://github.com/apache/jackrabbit-oak/blob/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java#L262 > > [2] > https://github.com/apache/jackrabbit-oak/blob/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java#L186
