billbarker 2003/01/09 21:39:11 Modified: src/share/org/apache/tomcat/core ServerSession.java src/share/org/apache/tomcat/modules/session SessionExpirer.java SimpleSessionStore.java Log: Make certain that a session has been recycled before being reused. I'm using STATE_INVALID to signal that it is OK to reuse the session (since it is currently unused). It might be better to rename it STATE_RECYCLED. Fix for bug #15894 Reported By: Christian Wicke [EMAIL PROTECTED] Revision Changes Path 1.14 +1 -2 jakarta-tomcat/src/share/org/apache/tomcat/core/ServerSession.java Index: ServerSession.java =================================================================== RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ServerSession.java,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- ServerSession.java 1 Sep 2001 00:48:48 -0000 1.13 +++ ServerSession.java 10 Jan 2003 05:39:11 -0000 1.14 @@ -127,7 +127,7 @@ Context context; ContextManager contextM; private Object notes[]=new Object[ContextManager.MAX_NOTES]; - private int state=STATE_NEW; + private int state=STATE_INVALID; Object facade; public ServerSession() { @@ -287,7 +287,6 @@ facade=null; attributes.clear(); ts.recycle(); - id.recycle(); } 1.5 +1 -0 jakarta-tomcat/src/share/org/apache/tomcat/modules/session/SessionExpirer.java Index: SessionExpirer.java =================================================================== RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/session/SessionExpirer.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- SessionExpirer.java 1 Sep 2001 00:52:37 -0000 1.4 +++ SessionExpirer.java 10 Jan 2003 05:39:11 -0000 1.5 @@ -167,6 +167,7 @@ // After expiring it, we clean up. if( debug > 0 ) se.log( "Recycling " + sses); sses.recycle(); + sses.setState( ServerSession.STATE_INVALID ); } } } 1.22 +3 -1 jakarta-tomcat/src/share/org/apache/tomcat/modules/session/SimpleSessionStore.java Index: SimpleSessionStore.java =================================================================== RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/session/SimpleSessionStore.java,v retrieving revision 1.21 retrieving revision 1.22 diff -u -r1.21 -r1.22 --- SimpleSessionStore.java 30 Aug 2002 05:41:42 -0000 1.21 +++ SimpleSessionStore.java 10 Jan 2003 05:39:11 -0000 1.22 @@ -272,13 +272,14 @@ log( "Shuting down " + id ); session.setState( ServerSession.STATE_SUSPEND ); session.setState( ServerSession.STATE_EXPIRED ); + session.setState( ServerSession.STATE_INVALID ); } } public int sessionState( Request req, ServerSession session, int state ) { TimeStamp ts=session.getTimeStamp(); - if( state==ServerSession.STATE_EXPIRED ) { + if( state==ServerSession.STATE_INVALID ) { // session moved to expire state - remove all attributes from // storage SimpleSessionManager ssm=(SimpleSessionManager)session.getManager(); @@ -417,6 +418,7 @@ // that's what the original code did oldS.setState( ServerSession.STATE_EXPIRED ); oldS.recycle(); + oldS.setState( ServerSession.STATE_INVALID ); } sessions.put( newId, session ); return (session);
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>