Hi,
I debugged thru Tomcat3.2.1 source code this morning and
it too has the same problem:
Session.access() is called only once per request, before the
request is processed (called by findSession in StandardManager)
This would mean that getLastAccessedTime() always gives
the time of (last-1) request. And the session-expiry thread
looks at the wrong-time. IF getLastAccessedTime() should
return the time of (last-1) request, then perhaps there
should be another method getAccessedTime() that returns
thisAccessedTime in StandardSession and this would be used
by the session-expiry thread?
Waiting to hear your responses,
Thanks,
Murthy
----------------------------------------------------------
>This was discussed by the expert group for servlet 2.3,
>and Kief's understanding is what we came up with. In
>addition, that is what Section 7.6 says in 2.3 PFD
>(emphasis is added):
>
> The getLastAccessedTime method of the HttpSession
>interface allows a servlet to determine the last time the
>session was accessed BEFORE the current request.
>
>Other subtleties:
>
>* The access time should be updated at the beginning of
>the request, rather than the end.
>
>* The session is considered "accessed" when the container
>recognizes that the request is part of a valid session,
>even if the application never calls request.getSession()
>on that particular request.
It doesn't look like we're doing this in Catalina 4.0, or am I missing
something?
Session.access() only seems to be called when request.getSession() is
called.
Also, if the access time is updated at the beginning of the request, what
should
getLastAccessedTime() return? Let's say at the beginning of the request,
the
access() method is called, and does:
this.lastAccessedTime = this.thisAccessedTime;
this.thisAccessedTime = System.currentTimeMillis();
Fine. But what happens after the request is complete, and the session
expiration
thread calls getLastAccessedTime() to compare it against
maxInactiveInterval, it
will be using the time of the request before the most recent request. So if
request B
comes in 20 minutes after request A, the container will expire the session
10
minutes after the most recent request (assuming default values), since
getLastAccessedTime() will return the time that request A happened. What am
I
missing?
Kief
_________________________________________________________________
http://www.TeamOn.com Transform Your E-mail into an Online Office
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
