Darryl Miles created WFLY-7754:
----------------------------------
Summary: WELD o.j.w.e.IllegalStateException after saved session does not
auto-recover
Key: WFLY-7754
URL:
https://issues.jboss.org/browse/WFLY-7754
Project: WildFly
Issue Type: Bug
Components: CDI / Weld, Web (Undertow)
Affects Versions: 10.0.0.Final
Reporter: Darryl Miles
Assignee: Stuart Douglas
When modifying the WELD bean profile between starting/stopping WildFly with persistent
session cookies over restart enabled.
It is possible to get an unrecoverable o.j.w.e.IllegalStateException.
What I mean by this is that if the AS knows the HTTP session cookie is a valid ID, but is
unable to recover it from the persistence serialization over a restart (due to a change in
the WELD BeanIdentifer instances changing to allow the optimization to work in this area).
What the AS should do is simply log the problem and invalidate the session cookie
completely. All this should happen in a transparent way to the WebApp, so it gets a null
return or a brand new HttpSession.
This will automatically allow the HTTP client to recover, by forcing the application to
generate a new HTTP session as necessary / or force logout, etc..
This is unrecoverable since the exception seems to be thrown at a level before it hits any
WebApp application code. So it doesn't seem possible for the WebApp developer to
correct the problem from the exception. Which makes sense since you need a HttpSession
object to invoke #invalidate() on and it is recovering that that is.
Everytime the user refreshes all they get is the error and a HTTP/500 Internal Server
Error and the user has to either delete their cookie, or the WildFly admin shutdown and
remove any persistent session cookie data.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)