Thanks a Ton Martijn and Berin! I will soon try an upgrade to 1.3.4 and try it out. Once again my sincere thanks to you all for your speedy help!
Martijn Dashorst wrote: > > the fix was a by-product of this issue: > > https://issues.apache.org/jira/browse/WICKET-1409 > > So yes, upgrading to 1.3.4 or newer will fix your issue. Go convince > your management and tell them that it helps to keep up-to-date with > open source products because we tend to fix things (at no cost for > that matter!) > > Martijn > > On Fri, Jan 8, 2010 at 3:17 PM, Martijn Dashorst > <[email protected]> wrote: >> 1.3.4 fixed this issue.... >> >> From the release notes [1]: >> >> * cross session leakage due to a dangling thread local in exceptional >> circumstances >> * memory leak in localizer (WICKET-1667) >> >> Martijn >> >> [1] http://wicket.apache.org/news.html#News-ApacheWicket1.3.4released%21 >> >> On Fri, Jan 8, 2010 at 2:56 PM, Martijn Dashorst >> <[email protected]> wrote: >>> There has been a session leak somewhere in 1.3 iirc. This has to do >>> with the thread locals that store Session, RequestCycle and >>> Application during a request not being removed correctly. >>> >>> Martijn >>> >>> On Fri, Jan 8, 2010 at 2:38 PM, allgo <[email protected]> wrote: >>>> >>>> ok will do. >>>> But just a question to the experts - have you heard of this issue >>>> before? >>>> I went through the links below >>>> http://old.nabble.com/Storing-user-entity-in-session--tt22113666.html#a22113666 >>>> http://old.nabble.com/Wicket-Session-and-threading-tt14595666.html#a14599963 >>>> >>>> >>>> and apparently storing hibernate session object in wicket session was >>>> causing similar issues. >>>> Am doing the same and could this be one possible reason. >>>> >>>> I will try an upgrade, but unfortunately as I told I had tried for long >>>> to >>>> replicate this is dev but in vain. Only way could be to release in Live >>>> and >>>> test. But that would need quite a bit of convincing of my superiors >>>> (which >>>> is a bit tricky for a junior developer like me - the application had >>>> been >>>> coded and released 2 yrs back and no upgrade doen since those >>>> developers >>>> left !! :-) ). But worth a shot. >>>> >>>> If it is a hibernate issue I can store the account Id instead of teh >>>> Account >>>> object itself in wicket session and do a minor release. >>>> >>>> I will try an upgrade for 1.3.7 in the mean time in dev and see if I >>>> need >>>> any code / API changes. >>>> >>>> Regards, >>>> Soumya >>>> >>>> >>>> >>>> Martijn Dashorst wrote: >>>>> >>>>> Seriously... *BETA*? upgrade and then come back if things are still >>>>> wrong. >>>>> >>>>> Martijn >>>>> >>>>> On Fri, Jan 8, 2010 at 1:21 PM, allgo <[email protected]> wrote: >>>>>> >>>>>> 1.3.0-beta3 actually. Copied it from the Manifest file >>>>>> >>>>>> Martijn Dashorst wrote: >>>>>>> >>>>>>> 1.3.0? >>>>>>> >>>>>>> Martijn >>>>>>> >>>>>>> On Fri, Jan 8, 2010 at 1:12 PM, allgo <[email protected]> >>>>>>> wrote: >>>>>>>> >>>>>>>> Hi, >>>>>>>> The wicket version is 1.3. Sorry should have mentioned that. >>>>>>>> >>>>>>>> As such the User A, after he logs on is getting assigned the >>>>>>>> Account >>>>>>>> object >>>>>>>> of User B. And after soem logs we can see that User B had logged on >>>>>>>> a >>>>>>>> while >>>>>>>> before. Hence that Accoutn object was definitely fetched a whiel >>>>>>>> before. >>>>>>>> I >>>>>>>> did see a few threads which say Hibernate may eb a culprit but am >>>>>>>> not >>>>>>>> sure >>>>>>>> thats the case here. >>>>>>>> >>>>>>>> Please do let me know if you need any more info. >>>>>>>> Thanks, >>>>>>>> SSP >>>>>>>> >>>>>>>> Martijn Dashorst wrote: >>>>>>>>> >>>>>>>>> A wicket version number would be helpful... >>>>>>>>> >>>>>>>>> Martijn >>>>>>>>> >>>>>>>>> On Fri, Jan 8, 2010 at 12:17 PM, Soumya <[email protected]> >>>>>>>>> wrote: >>>>>>>>>> Hi all, >>>>>>>>>> I am fairly a newbie in wicket and would appreciate your help! >>>>>>>>>> >>>>>>>>>> I >>>>>>>>>> have a wicket application which are used on Live by more than 500 >>>>>>>>>> users. Now the problem which has arisen is - say User A logs on - >>>>>>>>>> he >>>>>>>>>> is >>>>>>>>>> able to view details of User B. It has happened for different >>>>>>>>>> users >>>>>>>>>> and >>>>>>>>>> I am trying to dig the real reason. >>>>>>>>>> >>>>>>>>>> Here is my code details - >>>>>>>>>> 1) I use Hibernate to fetch 'Account' objects from backend >>>>>>>>>> passing on >>>>>>>>>> the >>>>>>>>>> username/password. >>>>>>>>>> >>>>>>>>>> 2) I use >>>>>>>>>> MyAppSession extends WebSession >>>>>>>>>> { >>>>>>>>>> private Account account; >>>>>>>>>> >>>>>>>>>> public InboundSession(Request request) >>>>>>>>>> { >>>>>>>>>> super(request); >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> public void setAccount(Account account) >>>>>>>>>> { >>>>>>>>>> this.account = account; >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> public Account getAccount() >>>>>>>>>> { >>>>>>>>>> return account; >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> public boolean isUserLoggedIn() >>>>>>>>>> { >>>>>>>>>> return account !=null; >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> So >>>>>>>>>> effectively I check if the Account object in session is null or >>>>>>>>>> not >>>>>>>>>> and >>>>>>>>>> accordingly decide whether a user is logged in or not. >>>>>>>>>> >>>>>>>>>> 2) In Login class I pass on the username/password to >>>>>>>>>> HibernateAccountDao >>>>>>>>>> and fetch the Account object. >>>>>>>>>> Account account = accountDao.getAccount(username, password) >>>>>>>>>> MyAppSession session = (MyAppSession )getSession(); >>>>>>>>>> session.setAccount(account); >>>>>>>>>> setResponsePage(Home.class); >>>>>>>>>> >>>>>>>>>> So effectively I fetch the accout object using hibernate and >>>>>>>>>> store it >>>>>>>>>> in >>>>>>>>>> wicket session. >>>>>>>>>> But I am not sure how these account objects are getting mixed up >>>>>>>>>> between >>>>>>>>>> users. >>>>>>>>>> >>>>>>>>>> Please can someone lead me to the route cause of the issue? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Thanks in advance! >>>>>>>>>> SSP >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> The INTERNET now has a personality. YOURS! See your Yahoo! >>>>>>>>>> Homepage. >>>>>>>>>> http://in.yahoo.com/ >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Become a Wicket expert, learn from the best: >>>>>>>>> http://wicketinaction.com >>>>>>>>> Apache Wicket 1.4 increases type safety for web applications >>>>>>>>> Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.4.4 >>>>>>>>> >>>>>>>>> --------------------------------------------------------------------- >>>>>>>>> To unsubscribe, e-mail: [email protected] >>>>>>>>> For additional commands, e-mail: [email protected] >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> View this message in context: >>>>>>>> http://old.nabble.com/Wicket-session-not-threadsafe--tp27074491p27075050.html >>>>>>>> Sent from the Wicket - User mailing list archive at Nabble.com. >>>>>>>> >>>>>>>> >>>>>>>> --------------------------------------------------------------------- >>>>>>>> To unsubscribe, e-mail: [email protected] >>>>>>>> For additional commands, e-mail: [email protected] >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Become a Wicket expert, learn from the best: >>>>>>> http://wicketinaction.com >>>>>>> Apache Wicket 1.4 increases type safety for web applications >>>>>>> Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.4.4 >>>>>>> >>>>>>> --------------------------------------------------------------------- >>>>>>> To unsubscribe, e-mail: [email protected] >>>>>>> For additional commands, e-mail: [email protected] >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> -- >>>>>> View this message in context: >>>>>> http://old.nabble.com/Wicket-session-not-threadsafe--tp27074491p27075144.html >>>>>> Sent from the Wicket - User mailing list archive at Nabble.com. >>>>>> >>>>>> >>>>>> --------------------------------------------------------------------- >>>>>> To unsubscribe, e-mail: [email protected] >>>>>> For additional commands, e-mail: [email protected] >>>>>> >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Become a Wicket expert, learn from the best: http://wicketinaction.com >>>>> Apache Wicket 1.4 increases type safety for web applications >>>>> Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.4.4 >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: [email protected] >>>>> For additional commands, e-mail: [email protected] >>>>> >>>>> >>>>> >>>> >>>> -- >>>> View this message in context: >>>> http://old.nabble.com/Wicket-session-not-threadsafe--tp27074491p27076056.html >>>> Sent from the Wicket - User mailing list archive at Nabble.com. >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [email protected] >>>> For additional commands, e-mail: [email protected] >>>> >>>> >>> >>> >>> >>> -- >>> Become a Wicket expert, learn from the best: http://wicketinaction.com >>> Apache Wicket 1.4 increases type safety for web applications >>> Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.4.4 >>> >> >> >> >> -- >> Become a Wicket expert, learn from the best: http://wicketinaction.com >> Apache Wicket 1.4 increases type safety for web applications >> Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.4.4 >> > > > > -- > Become a Wicket expert, learn from the best: http://wicketinaction.com > Apache Wicket 1.4 increases type safety for web applications > Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.4.4 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > -- View this message in context: http://old.nabble.com/Wicket-session-not-threadsafe--tp27074491p27077378.html Sent from the Wicket - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
