[
https://issues.jboss.org/browse/CDI-383?page=com.atlassian.jira.plugin.sy...
]
Mark Struberg commented on CDI-383:
-----------------------------------
Session invalidation != application shutdown.
I think this paragraph in the servlet spec exists because the containers are allowed to
either persist the sessions and reuse them at a later restart OR to not use persistent
sessions. In the later case the sessioncontexts need to get destroyed of course.
I asked myself the same question when working on this in OWB. And the conclusio (after
discussing with many other people) was that we should _strictly_ follow the Session
listener. If he tells us to destroy the session then we also gonna kill this very
sessioncontext. If not then nothing happens.
What is the impact of evicting the session anyway? The most important is that the
@PreDestroy method on @SessionScoped beans get called. But what if the server is
clustered? If a single node goes down this doesn't mean that the users session is
dead. It could have been survived on a memcached (and get picked up from other nodes if
required). Or there might be node-pairing and the shutdown might be part of a
'ripple-restart'. In this case the session survives as well as it got replicated
to the paired node.
My conclusio of all those things was that @PreDestroy in any passivating bean is _not_
reliable anyway. What if the cluster goes down and the new application version is not able
to deserialize the bean again? What if the time spent during shut down is too long and the
server doesn't even bother to reload the session from disk again (as he knows it is
already timed out). Or think about @ViewScoped beans in case JSF is configured to use
client-side state saving. And the user just closes his browser ;) There are many similar
cases where you cannot 100% rely on beans in passivating scopes to be cleaned up properly.
Clarify that session context is also destroyed at shutdown/undeploy
-------------------------------------------------------------------
Key: CDI-383
URL:
https://issues.jboss.org/browse/CDI-383
Project: CDI Specification Issues
Issue Type: Bug
Components: Contexts
Affects Versions: 1.1.PFD
Reporter: Marko Lukša
Section 6.7.2. states "The session context is destroyed
when the HTTPSession times out, after all HttpSessionListener s have been called, and at
the very end of any request
in which invalidate() was called, after all filters and ServletRequestListener s have
been called."
The first part of the above sentence should not only say that the context is destroyed
after all listeners have been called specifically in the event of a session timeout. It
should specify that this is also true when the session is being destroyed as a result of
server shutdown or web-app undeploy.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)