Hidevelopers!
I recently changed to WildFly so to undertowtoo. Unfortunately I got an issue and I
hopethis dev list is the right place to questions regarding undertow. The issue occurs
when there are two sessionsand I want to invalidate from one session A the anotherone B.
The session B is invalidated but unfortunately a new request fromsession A will create a
new session C and Session A will remain in the memory.Digging alittle bit in the source
code, I found that when the session B is invalidated, HttpSessionImpl.invalidate()function
is called, where the 'exchange' object is got and passed to
thesession.invalidate:
ServletRequestContextcurrent = SecurityActions.currentServletRequestContext();
if (current == null) {
session.invalidate(null);
} else {
session.invalidate(current.getOriginalRequest().getExchange());
}
Then the session B instance InMemorySessionManager.invalidate () line 415 the following
is called:
if(exchange != null) {
sessionCookieConfig.clearSession(exchange, this.getId());
}
where theold session's (Session B) id what was removed, destroyed is placed as cookie
with expired date onto the exchange(the response) Cookie cookie = new
CookieImpl(cookieName, sessionId)
... exchange.setResponseCookie(cookie);
So the nextrequest will not contain the right cookie so the session will not be found anda
new session will be created (ServletContextImpl.getSession()). That's the main cause
what I see.
I checkedissue UNDERTOW-261 what is sounds very similar, but this is not the casebecause
the session remains active in the memory but a new one still created.
Usedundertow 1.1.x branch for sources, as WildFly 8.2.0 with undertow 1.1.0.Final.
I’m doingsomething wrong or it is a bug? Any feedback is appreciated. Thanks in advance!
Best Regards,lalo
Show replies by date