I've found that this could well be the cause of another related issue
which has been causing me misery for the last few months.

My 403.jsp has an element on it which is the result of a Web service
call called via a tag. The call is made only if a person of the correct
type is logged in as the call is protected by J2EE security. If nobody
is logged in then a login box is displayed. When the Web service is
called it is always done to the same server as displaying the 403 page.
There have been several occasions when the JSP will display the 403 page
and make the Web service call which will return a 403 which will make
the call which will return a 403, etc. etc. etc. until Resin maxes out
its thread, hangs and needs to be restarted.

To my mind this would only happen if the wrong session was being pulled
up with the call to request.getSession() in my tag.

Any pointers as how to debug and solve this would be very much
appreciated. For now I have removed the page element.

rgds,

Richard

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Richard Grantham
Sent: 18 June 2008 12:47
To: General Discussion for the Resin application server
Subject: Re: [Resin-interest] HttpSession.invalidate() doesn't

I upgraded to Resin 3.0.26 and while the problem has certainly eased in
frequency it has not disappeared. I have taken out the <always-save />
element. This wouldn't effect things would it?

rgds,

Richard




Richard Grantham
Development

-------------------------------
[EMAIL PROTECTED]
Limehouse Software Ltd
DDI: (020) 7566 3336
Main: (020) 7566 3320
Fax: (020) 7566 3321
Limehouse Software Ltd
4th Floor
1 London Bridge
London
SE1 9BG
Manchester Office:
3rd Floor, The Triangle, Exchange Square, Manchester M4 3TR
Tel: (0161) 240 2440, Fax: (0161) 240 2441, ISDN: 08700 119 400 Check
out Limehouse Software's innovative solutions
www.limehousesoftware.co.uk - Transforming the way you publish and
consult on information The information contained in this e-mail or in
any attachments is confidential and is intended solely for the named
addressee only. Access to this e-mail by anyone else is unauthorised. If
you are not the intended recipient, please notify Limehouse Software Ltd
immediately by returning this e-mail to sender or calling 020 7566 3320
and do not read, use or disseminate the information. Opinions expressed
in this e-mail are those of the sender and not necessarily the company.
Although an active anti-virus policy is operated, the company accepts no
liability for any damage caused by any virus transmitted by this e-mail,
including any attachments.-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sam
Sent: 17 June 2008 14:17
To: General Discussion for the Resin application server
Subject: Re: [Resin-interest] HttpSession.invalidate() doesn't

> I'm using resin-pro-3.0.25 in a three-server cluster with session 
> persistence configured using a MySQL database:
> 
> <persistent-store type="jdbc">
>       <init>
>               <data-source>jdbc/session</data-source>
>               <always-load />
>               <always-save />
>       </init>
> </persistent-store>
> 
> What I'm finding is that you can click logout up to 7 or 8 times 
> before your session actually gets invalidated. The implementation of 
> HttpSessionListener is doing its thing. The logout servlet is doing 
> its thing but from what I can see the req.getSession().invalidate() 
> call is NOT being respected.

I believe that problem is addressed in 3.0.26, issue #2485 reported in
the change log here:
http://www.caucho.com/resin-3.0/features/changes.xtp

> PS. I am loath to switch (back) to using clustered sessions as I've 
> had issues with random logouts and loads of timeout errors in the logs

> related to the internal Resin session store.

There were a number if cluster store issues reported in the 3.1 branch,
but the remaining issues in 3.0 have generally not been reported to us,
we found them by doing increased stress testing for the 3.1 release.

Take care,

-- Sam


_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest


_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest


_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Reply via email to