<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:13px"><div id="yui_3_16_0_1_1420531694108_5620"><span></span></div><div id="yui_3_16_0_1_1420531694108_5620" dir="ltr"><span> Hi!</span></div><div id="yui_3_16_0_1_1420531694108_5620" dir="ltr"><span><br></span></div><div id="yui_3_16_0_1_1420531694108_5620" dir="ltr"><span id="yui_3_16_0_1_1420531694108_5763"> I tested with the latest version from the branch and it is working correctly now. :)</span></div><div id="yui_3_16_0_1_1420531694108_5620" dir="ltr"><span> </span><span style="font-size: 12.7272720336914px;" class="" id="yui_3_16_0_1_1420531694108_5972">Thank you a lot!</span></div><div id="yui_3_16_0_1_1420531694108_5620" dir="ltr"><span><br></span></div><div id="yui_3_16_0_1_1420531694108_5620" dir="ltr"><span id="yui_3_16_0_1_1420531694108_5876"> Best Regards,</span></div><div id="yui_3_16_0_1_1420531694108_5620" dir="ltr"><span> Lalo</span></div><br> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 13px;" id="yui_3_16_0_1_1420531694108_5593"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;" id="yui_3_16_0_1_1420531694108_5592"> <div dir="ltr" id="yui_3_16_0_1_1420531694108_5619"> <hr size="1" id="yui_3_16_0_1_1420531694108_5669"> <font size="2" face="Arial" id="yui_3_16_0_1_1420531694108_5633"> <b><span style="font-weight:bold;">From:</span></b> Stuart Douglas <sdouglas@redhat.com><br> <b><span style="font-weight: bold;">To:</span></b> Kovacs Lajos <y_lalo@yahoo.com> <br><b><span style="font-weight: bold;">Cc:</span></b> undertow-dev@lists.jboss.org <br> <b><span style="font-weight: bold;">Sent:</span></b> Tuesday, January 6, 2015 3:15 AM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [undertow-dev] invalidate session<br> </font> </div> <div class="y_msg_container" id="yui_3_16_0_1_1420531694108_5591"><br>I have pushed a potential solution into the 1.1.x branch.<br clear="none"><br clear="none">Stuart<br clear="none"><div class="qtdSeparateBR"><br><br></div><div class="yqt3174620875" id="yqtfd40401"><br clear="none">----- Original Message -----<br clear="none">> From: "Kovacs Lajos" <<a shape="rect" ymailto="mailto:y_lalo@yahoo.com" href="mailto:y_lalo@yahoo.com" id="yui_3_16_0_1_1420531694108_6489">y_lalo@yahoo.com</a>><br clear="none">> To: <a shape="rect" ymailto="mailto:undertow-dev@lists.jboss.org" href="mailto:undertow-dev@lists.jboss.org" id="yui_3_16_0_1_1420531694108_6490">undertow-dev@lists.jboss.org</a><br clear="none">> Sent: Tuesday, 6 January, 2015 3:11:55 AM<br clear="none">> Subject: [undertow-dev] invalidate session<br clear="none">> <br clear="none">> Hi developers!<br clear="none">> I recently changed to WildFly so to undertow too. Unfortunately I got an<br clear="none">> issue and I hope this dev list is the right place to questions regarding<br clear="none">> undertow.<br clear="none">> The issue occurs when there are two sessions and I want to invalidate from<br clear="none">> one session A the another one B. The session B is invalidated but<br clear="none">> unfortunately a new request from session A will create a new session C and<br clear="none">> Session A will remain in the memory.<br clear="none">> Digging a little bit in the source code, I found that when the session B is<br clear="none">> invalidated, HttpSessionImpl.invalidate() function is called, where the<br clear="none">> 'exchange' object is got and passed to the session.invalidate:<br clear="none">> <br clear="none">> ServletRequestContext current =<br clear="none">> SecurityActions.currentServletRequestContext();<br clear="none">> if (current == null) {<br clear="none">> session.invalidate(null);<br clear="none">> } else {<br clear="none">> session.invalidate(current.getOriginalRequest().getExchange());<br clear="none">> }<br clear="none">> <br clear="none">> Then the session B instance InMemorySessionManager.invalidate () line 415 the<br clear="none">> following is called:<br clear="none">> if (exchange != null) {<br clear="none">> sessionCookieConfig.clearSession(exchange, this.getId());<br clear="none">> }<br clear="none">> <br clear="none">> where the old session's (Session B) id what was removed, destroyed is placed<br clear="none">> as cookie with expired date onto the exchange (the response)<br clear="none">> Cookie cookie = new CookieImpl (cookieName, sessionId)<br clear="none">> ...<br clear="none">> exchange . setResponseCookie(cookie);<br clear="none">> <br clear="none">> So the next request will not contain the right cookie so the session will not<br clear="none">> be found and a new session will be created<br clear="none">> (ServletContextImpl.getSession()). That's the main cause what I see.<br clear="none">> <br clear="none">> I checked issue UNDERTOW-261 what is sounds very similar, but this is not the<br clear="none">> case because the session remains active in the memory but a new one still<br clear="none">> created.<br clear="none">> <br clear="none">> Used undertow 1.1.x branch for sources, as WildFly 8.2.0 with undertow<br clear="none">> 1.1.0.Final.<br clear="none">> I’m doing something wrong or it is a bug? Any feedback is appreciated. Thanks<br clear="none">> in advance!<br clear="none">> <br clear="none">> Best Regards,<br clear="none">> lalo</div><br clear="none">> <br clear="none">> _______________________________________________<br clear="none">> undertow-dev mailing list<br clear="none">> <a shape="rect" ymailto="mailto:undertow-dev@lists.jboss.org" href="mailto:undertow-dev@lists.jboss.org">undertow-dev@lists.jboss.org</a><br clear="none">> <a shape="rect" href="https://lists.jboss.org/mailman/listinfo/undertow-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/undertow-dev</a><br><br></div> </div> </div> </div></body></html>