Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
[EMAIL PROTECTED] wrote: luehe 2005/03/25 08:49:28 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: Commented out session validity check in StandardSession.getId(). Will revisit for 5.5.10. There will be two options for the internal components, I think: 1) use a new getIdInternal method 2) call isValild before doing the stuff (this might be better) Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
Yoav, Yoav Shapira wrote: Hola, My believe is that the above errata will be reflected in the next (maintenance) release of the servlet spec. I will remind the servlet spec lead that this needs to happen. Jan What's the ETA on this maintenance spec release? work is supposed to start sometime this summer, and will be completed in time for J2EE 5.0 FCS. Jan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
[EMAIL PROTECTED] wrote: billbarker2005/03/21 19:50:03 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: From the comments for R1.11, it seems that some early version of the spec had an exception here. However, this didn't survive to the final spec version, so we can once again allow access to getLastAccessedTime from an invalid session. Fix for Bug #34107 I didn't know that, as the javadoc actually says: getLastAccessedTime public long getLastAccessedTime() Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT, and marked by the time the container received the request. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. Returns: a long representing the last time the client sent a request associated with this session, expressed in milliseconds since 1/1/1970 GMT Throws: java.lang.IllegalStateException - if this method is called on an invalidated session Which paragraph in the spec has the conflicting statement ? Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
- Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List tomcat-dev@jakarta.apache.org Sent: Tuesday, March 22, 2005 1:57 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java [EMAIL PROTECTED] wrote: billbarker2005/03/21 19:50:03 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: From the comments for R1.11, it seems that some early version of the spec had an exception here. However, this didn't survive to the final spec version, so we can once again allow access to getLastAccessedTime from an invalid session. Fix for Bug #34107 I didn't know that, as the javadoc actually says: getLastAccessedTime public long getLastAccessedTime() Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT, and marked by the time the container received the request. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. Returns: a long representing the last time the client sent a request associated with this session, expressed in milliseconds since 1/1/1970 GMT Throws: java.lang.IllegalStateException - if this method is called on an invalidated session Which paragraph in the spec has the conflicting statement ? It's the java-doc for jakarta-servletapi-5 that is wrong. The javadocs in the servlet spec do not contain a 'throws' clause. See also: http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpSession.html#getLastAccessedTime() Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
Bill Barker wrote: - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List tomcat-dev@jakarta.apache.org Sent: Tuesday, March 22, 2005 1:57 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java [EMAIL PROTECTED] wrote: billbarker2005/03/21 19:50:03 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: From the comments for R1.11, it seems that some early version of the spec had an exception here. However, this didn't survive to the final spec version, so we can once again allow access to getLastAccessedTime from an invalid session. Fix for Bug #34107 I didn't know that, as the javadoc actually says: getLastAccessedTime public long getLastAccessedTime() Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT, and marked by the time the container received the request. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. Returns: a long representing the last time the client sent a request associated with this session, expressed in milliseconds since 1/1/1970 GMT Throws: java.lang.IllegalStateException - if this method is called on an invalidated session Which paragraph in the spec has the conflicting statement ? It's the java-doc for jakarta-servletapi-5 that is wrong. The javadocs in the servlet spec do not contain a 'throws' clause. See also: http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpSession.html#getLastAccessedTime() Here: http://jcp.org/aboutJava/communityprocess/maintenance/jsr154/154errata.txt I now read: 2. Fix typos in HttpSession.java Replace: * @exeption IllegalStateException if this method is called on an * invalidated session in javadoc of getId() and getLastAccessedTime() With: * @exception IllegalStateException if this method is called on an * invalidated session This fix causes the following addition to HttpSession.getId() and HttpSession.getLastAccessedTime() methods. Since these two methods are already implemented in all containers to throw this exception and the spec clearly intends to do so, this is not changing the spec. SRV.15.1.7.1 Page 267, 268 Throws: IllegalStateException - if this method is called on an invalidated session There's highly conflicting information ... Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
[EMAIL PROTECTED] wrote: billbarker2005/03/22 07:26:44 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: Reverting change. Note to self: Next time check the errata as well as -fr I think someone closer to the spec needs to comment on these contradictions, because the errata also says getId should throw an ISE (while we do not). Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
- Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List tomcat-dev@jakarta.apache.org Sent: Tuesday, March 22, 2005 7:46 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java [EMAIL PROTECTED] wrote: billbarker2005/03/22 07:26:44 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: Reverting change. Note to self: Next time check the errata as well as -fr I think someone closer to the spec needs to comment on these contradictions, because the errata also says getId should throw an ISE (while we do not). Agreed. If we start throwing an ISE on getId, we are going to break every app that uses HttpSessionBindingListener. However, if the expert group says we must, then we must. Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
Remy Maucherat wrote: Bill Barker wrote: - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List tomcat-dev@jakarta.apache.org Sent: Tuesday, March 22, 2005 1:57 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java [EMAIL PROTECTED] wrote: billbarker2005/03/21 19:50:03 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: From the comments for R1.11, it seems that some early version of the spec had an exception here. However, this didn't survive to the final spec version, so we can once again allow access to getLastAccessedTime from an invalid session. Fix for Bug #34107 I didn't know that, as the javadoc actually says: getLastAccessedTime public long getLastAccessedTime() Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT, and marked by the time the container received the request. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. Returns: a long representing the last time the client sent a request associated with this session, expressed in milliseconds since 1/1/1970 GMT Throws: java.lang.IllegalStateException - if this method is called on an invalidated session Which paragraph in the spec has the conflicting statement ? It's the java-doc for jakarta-servletapi-5 that is wrong. The javadocs in the servlet spec do not contain a 'throws' clause. See also: http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpSession.html#getLastAccessedTime() Here: http://jcp.org/aboutJava/communityprocess/maintenance/jsr154/154errata.txt I now read: 2. Fix typos in HttpSession.java Replace: * @exeption IllegalStateException if this method is called on an * invalidated session in javadoc of getId() and getLastAccessedTime() With: * @exception IllegalStateException if this method is called on an * invalidated session This fix causes the following addition to HttpSession.getId() and HttpSession.getLastAccessedTime() methods. Since these two methods are already implemented in all containers to throw this exception and the spec clearly intends to do so, this is not changing the spec. SRV.15.1.7.1 Page 267, 268 Throws: IllegalStateException - if this method is called on an invalidated session There's highly conflicting information ... I think the intention is for both methods to throw an ISE in case they're being called on an invalidated session, as has been clarified by the errata. It seems this has been the intent for both methods from the very beginning, except that the throws clauses in the javadocs at http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpSession.html which are also copied in the servlet spec, were never generated for these 2 methods because of a stupid typo (@exeption vs @exception) in the HttpSession.java source file. The HttpSession.java source in jakarta-servletapi-5 already has the fix. My believe is that the above errata will be reflected in the next (maintenance) release of the servlet spec. I will remind the servlet spec lead that this needs to happen. Jan Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
Hola, My believe is that the above errata will be reflected in the next (maintenance) release of the servlet spec. I will remind the servlet spec lead that this needs to happen. Jan What's the ETA on this maintenance spec release? Yoav - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
- Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 21, 2005 8:25 AM Subject: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java remm2005/03/21 08:25:53 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: - 34107: I would think the session should still be seen as valid when notifying attributes of unbinding. - Does this cause regressions or not ? As promised, a big -1 on this. It breaks the servlet-spec, which specifically states that the session is invalid. This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
Hi,
IMO, this will not work if you are trying to avoid serializing attributes
with the name javax.security.auth.subject.
Daniel
From: [EMAIL PROTECTED]
Reply-To: Tomcat Developers List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session
StandardSession.java
Date: 1 Apr 2004 17:39:53 -
jfarcand2004/04/01 09:39:53
Modified:catalina/src/share/org/apache/catalina Globals.java
catalina/src/share/org/apache/catalina/session
StandardSession.java
Log:
Minor fixe. Instead of using an exclude list, make the variable
transient.
Revision ChangesPath
1.8 +2 -2
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Globals.java
Index: Globals.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Globals.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Globals.java 27 Feb 2004 14:58:38 - 1.7
+++ Globals.java 1 Apr 2004 17:39:53 - 1.8
@@ -287,7 +287,7 @@
/**
* The subject under which the AccessControlContext is running.
*/
-public static final String SUBJECT_ATTR =
+public static transient final String SUBJECT_ATTR =
javax.security.auth.subject;
1.42 +2 -26
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java
Index: StandardSession.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- StandardSession.java 25 Mar 2004 22:17:54 - 1.41
+++ StandardSession.java 1 Apr 2004 17:39:53 - 1.42
@@ -160,14 +160,6 @@
/**
- * Set of attribute names which are not allowed to be persisted.
- */
-private static final String[] excludedAttributes = {
-Globals.SUBJECT_ATTR
-};
-
-
-/**
* We are currently processing a session expiration, so bypass
* certain IllegalStateException tests. NOTE: This value is not
* included in the serialized version of this object.
@@ -1393,8 +1385,7 @@
}
if (value == null)
continue;
-else if ( (value instanceof Serializable)
- (!exclude(keys[i]) )) {
+else if ( (value instanceof Serializable) ) {
saveNames.add(keys[i]);
saveValues.add(value);
} else {
@@ -1422,21 +1413,6 @@
}
}
-}
-
-
-/**
- * Exclude attribute that cannot be serialized.
- * @param name the attribute's name
- */
-protected boolean exclude(String name){
-
-for (int i = 0; i excludedAttributes.length; i++) {
-if (name.equalsIgnoreCase(excludedAttributes[i]))
-return true;
-}
-
-return false;
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_
Chat: Ha en fest på Habbo Hotel
http://habbohotel.msn.se/habbo/sv/channelizer Checka in här!
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
daniel andefors wrote:
Hi,
IMO, this will not work if you are trying to avoid serializing
attributes with the name javax.security.auth.subject.
You are right. The key will not be serializable, but the value will be.
I also need to make the value (e.g. the Subject) transient.
Thanks!
-- Jeanfrancois
Daniel
From: [EMAIL PROTECTED]
Reply-To: Tomcat Developers List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session
StandardSession.java
Date: 1 Apr 2004 17:39:53 -
jfarcand2004/04/01 09:39:53
Modified:catalina/src/share/org/apache/catalina Globals.java
catalina/src/share/org/apache/catalina/session
StandardSession.java
Log:
Minor fixe. Instead of using an exclude list, make the variable
transient.
Revision ChangesPath
1.8 +2 -2
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Globals.java
Index: Globals.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Globals.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Globals.java27 Feb 2004 14:58:38 -1.7
+++ Globals.java1 Apr 2004 17:39:53 -1.8
@@ -287,7 +287,7 @@
/**
* The subject under which the AccessControlContext is running.
*/
-public static final String SUBJECT_ATTR =
+public static transient final String SUBJECT_ATTR =
javax.security.auth.subject;
1.42 +2 -26
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java
Index: StandardSession.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- StandardSession.java25 Mar 2004 22:17:54 -1.41
+++ StandardSession.java1 Apr 2004 17:39:53 -1.42
@@ -160,14 +160,6 @@
/**
- * Set of attribute names which are not allowed to be persisted.
- */
-private static final String[] excludedAttributes = {
-Globals.SUBJECT_ATTR
-};
-
-
-/**
* We are currently processing a session expiration, so bypass
* certain IllegalStateException tests. NOTE: This value is not
* included in the serialized version of this object.
@@ -1393,8 +1385,7 @@
}
if (value == null)
continue;
-else if ( (value instanceof Serializable)
- (!exclude(keys[i]) )) {
+else if ( (value instanceof Serializable) ) {
saveNames.add(keys[i]);
saveValues.add(value);
} else {
@@ -1422,21 +1413,6 @@
}
}
-}
-
-
-/**
- * Exclude attribute that cannot be serialized.
- * @param name the attribute's name
- */
-protected boolean exclude(String name){
-
-for (int i = 0; i excludedAttributes.length; i++) {
-if (name.equalsIgnoreCase(excludedAttributes[i]))
-return true;
-}
-
-return false;
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_
Chat: Ha en fest på Habbo Hotel
http://habbohotel.msn.se/habbo/sv/channelizer Checka in här!
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
From: Jeanfrancois Arcand [EMAIL PROTECTED]
Reply-To: Tomcat Developers List [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Subject: Re: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session
StandardSession.java
Date: Thu, 01 Apr 2004 14:13:42 -0500
daniel andefors wrote:
Hi,
IMO, this will not work if you are trying to avoid serializing attributes
with the name javax.security.auth.subject.
You are right. The key will not be serializable, but the value will be. I
also need to make the value (e.g. the Subject) transient.
Actually, i think that will not help either. AFAIK, the transient keyword
should only be used on non-static fields to make the *default* serialization
mechanism exclude that field (i.e., oos.defaultWriteObject() will not write
transient fields, oos.writeObject(...) will write whatever object used as
argument assuming it implements java.io.Serializable or
java.io.Externalizable).
Although, i might be wrong, and if I am I should probably give you my
SCJP diploma ;-)
Daniel
Thanks!
-- Jeanfrancois
Daniel
From: [EMAIL PROTECTED]
Reply-To: Tomcat Developers List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session
StandardSession.java
Date: 1 Apr 2004 17:39:53 -
jfarcand2004/04/01 09:39:53
Modified:catalina/src/share/org/apache/catalina Globals.java
catalina/src/share/org/apache/catalina/session
StandardSession.java
Log:
Minor fixe. Instead of using an exclude list, make the variable
transient.
Revision ChangesPath
1.8 +2 -2
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Globals.java
Index: Globals.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Globals.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Globals.java27 Feb 2004 14:58:38 -1.7
+++ Globals.java1 Apr 2004 17:39:53 -1.8
@@ -287,7 +287,7 @@
/**
* The subject under which the AccessControlContext is running.
*/
-public static final String SUBJECT_ATTR =
+public static transient final String SUBJECT_ATTR =
javax.security.auth.subject;
1.42 +2 -26
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java
Index: StandardSession.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- StandardSession.java25 Mar 2004 22:17:54 -1.41
+++ StandardSession.java1 Apr 2004 17:39:53 -1.42
@@ -160,14 +160,6 @@
/**
- * Set of attribute names which are not allowed to be persisted.
- */
-private static final String[] excludedAttributes = {
-Globals.SUBJECT_ATTR
-};
-
-
-/**
* We are currently processing a session expiration, so bypass
* certain IllegalStateException tests. NOTE: This value is not
* included in the serialized version of this object.
@@ -1393,8 +1385,7 @@
}
if (value == null)
continue;
-else if ( (value instanceof Serializable)
- (!exclude(keys[i]) )) {
+else if ( (value instanceof Serializable) ) {
saveNames.add(keys[i]);
saveValues.add(value);
} else {
@@ -1422,21 +1413,6 @@
}
}
-}
-
-
-/**
- * Exclude attribute that cannot be serialized.
- * @param name the attribute's name
- */
-protected boolean exclude(String name){
-
-for (int i = 0; i excludedAttributes.length; i++) {
-if (name.equalsIgnoreCase(excludedAttributes[i]))
-return true;
-}
-
-return false;
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_
Chat: Ha en fest på Habbo Hotel
http://habbohotel.msn.se/habbo/sv/channelizer Checka in här!
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_
Auktioner: Tjäna en hacka på gamla prylar
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
Remy Maucherat wrote: Remy Maucherat wrote: [EMAIL PROTECTED] wrote: luehe 2004/03/10 20:18:31 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: Fixed regression re: Bugtraq 4839736 (HttpSession.setMaxInactiveInterval() doesn't behave as expected), which had been originally fixed in revision 1.20 -1. I don't agree with this change: the session is (apparently) supposed to be valid while it is being accessed, regardless of MaxInactiveInterval. See bug 26051. Your example from revision 1.20 seems invalid. Yes, you're right, and I'm going to revert the change. Jan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
[EMAIL PROTECTED] wrote:
luehe 2004/03/10 20:18:31
Modified:catalina/src/share/org/apache/catalina/session
StandardSession.java
Log:
Fixed regression re: Bugtraq 4839736
(HttpSession.setMaxInactiveInterval() doesn't behave as expected),
which had been originally fixed in revision 1.20
-1. I don't agree with this change: the session is (apparently) supposed
to be valid while it is being accessed, regardless of MaxInactiveInterval.
-if (accessCount 0) {
-return true;
-}
-
if (maxInactiveInterval = 0) {
long timeNow = System.currentTimeMillis();
int timeIdle = (int) ((timeNow - thisAccessedTime) / 1000L);
if (timeIdle = maxInactiveInterval) {
expire(true);
}
+}
+
+if (accessCount 0) {
+return true;
}
Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
Remy Maucherat wrote: [EMAIL PROTECTED] wrote: luehe 2004/03/10 20:18:31 Modified:catalina/src/share/org/apache/catalina/session StandardSession.java Log: Fixed regression re: Bugtraq 4839736 (HttpSession.setMaxInactiveInterval() doesn't behave as expected), which had been originally fixed in revision 1.20 -1. I don't agree with this change: the session is (apparently) supposed to be valid while it is being accessed, regardless of MaxInactiveInterval. See bug 26051. Your example from revision 1.20 seems invalid. Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
My hair splitting detector is beeping. This session code will need to be optimized, BTW. Will do. Tomorrow OK? Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session StandardSession.java
Resending from right account. My hair splitting detector is beeping. This session code will need to be optimized, BTW. Will do. Tomorrow OK? Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
