[
https://jira.terracotta.org/jira//browse/CDV-413?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_23070
]
Tim Eck commented on CDV-413:
-----------------------------
another use case scenario for non-request based session access
http://forums.terracotta.org/forums/posts/list/478.page
> Allow session access outside the context of an http request for that session
> ----------------------------------------------------------------------------
>
> Key: CDV-413
> URL: https://jira.terracotta.org/jira//browse/CDV-413
> Project: Community Development
> Issue Type: New Feature
> Components: Sessions
> Affects Versions: 2.4.3
> Reporter: Tim Eck
> Assignee: Product Management
>
> There are multiple issues with the current session implementation when/if
> sessions are accessed via "unusual" means. Normally sessions are looked up
> via the HttpServletRequest.getSession(..) methods. If session instances are
> made accessible via another means (e.g. a static map, a shared DSO data
> structure, etc), a variety of problems happen.
> The "normal" session lookup path does a few things that are subverted when
> sessions are made accessible:
> 1) No DSO lock started
> 2) transients in SessionData not initialized
> The first item can lead to unlocked expceptions and/or assertion errors in
> invalidate(). The second leads to NPE
> A valid use case for doing something like this is to prevent a user from
> starting more than one valid session in the cluster.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.terracotta.org/jira//secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
tc-dev mailing list
[email protected]
http://lists.terracotta.org/mailman/listinfo/tc-dev
