[jboss-jira] [JBoss JIRA] (WFLY-6489) Distributable session may not exist after redirect to same node with optimistic locking.

Gabriel Lavoie (JIRA) issues at jboss.org
Mon Apr 18 14:41:00 EDT 2016 

    [ https://issues.jboss.org/browse/WFLY-6489?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13193363#comment-13193363 ] 

Gabriel Lavoie edited comment on WFLY-6489 at 4/18/16 2:40 PM:
---------------------------------------------------------------

I've a tested a new build with your pull request and the NPE has been fixed.

{quote}"So long as you don't have referential integrity constraints across session attributes (e.g. a given object isn't referenced by multiple session attributes), you can use attribute replication without issue."{quote}

I don't understand your statement, if I have a mutable complex object and I get it and modifies it within a request, it will not get replicated at the end of the request with transactions disabled unless I explicitly call session.setAttribute() on it again. 

There is another example where the session attribute application doesn't work at all with batch disabled: use of the <jsp:useBean/> tag. 

In the following sample, we never see the Date update on the second node:

{code}
<%@ page import="java.util.Date" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>

<jsp:useBean id="complexAttr" scope="session" class="bean.ComplexAttr"/>

<%
complexAttr.value = new Date();
%>
{code}

{code}
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<jsp:useBean id="complexAttr" scope="session" class="bean.ComplexAttr"/>


<html>
<head>
    <title></title>
</head>
<body>
Date is: <%=complexAttr.value%>
</body>
</html>
{code}

{code}
package bean;

import java.io.Serializable;
import java.util.Date;

public class ComplexAttr implements Serializable {
    public Date value;
}
{code}

This second pattern is critical to us as we also have a lot of usage of session scoped bean in our JSPs.


was (Author: glavoie):
I've a tested a new build with your pull request and the NPE has been fixed.

{quote}"So long as you don't have referential integrity constraints across session attributes (e.g. a given object isn't referenced by multiple session attributes), you can use attribute replication without issue."{quote}

I don't understand your statement, if I have a mutable complex object and I get it and modifies it within a request, it will not get replicated at the end of the request with transactions disabled unless I explicitly call session.setAttribute() on it again. 

There is another example where the session attribute application doesn't work at all with batch disabled: use of the <jsp:useBean/> tag. 

In the following sample, we never see the Date update on the second node:

{code}
<%@ page import="java.util.Date" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>

<jsp:useBean id="complexAttr" scope="session" class="bean.ComplexAttr"/>

<%
complexAttr.value = new Date();
%>
{code}

{code}
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<jsp:useBean id="complexAttr" scope="session" class="bean.ComplexAttr"/>


<html>
<head>
    <title></title>
</head>
<body>
Date is: <%=complexAttr.value%>
</body>
</html>
{code}

{code}
package bean;

import java.io.Serializable;
import java.util.Date;

public class ComplexAttr implements Serializable {
    public Date value;
}
{code}

> Distributable session may not exist after redirect to same node with optimistic locking.
> ----------------------------------------------------------------------------------------
>
>                 Key: WFLY-6489
>                 URL: https://issues.jboss.org/browse/WFLY-6489
>             Project: WildFly
>          Issue Type: Bug
>          Components: Clustering
>    Affects Versions: 8.2.1.Final, 10.0.0.Final, 10.1.0.Final
>            Reporter: Gabriel Lavoie
>            Assignee: Paul Ferraro
>            Priority: Critical
>         Attachments: wfly-6489-showcase.zip, wildfly-10-session-issue.zip
>
>
> I'm currently working on porting an application running on EAP 6.1 to WildFly 10 and am encountering multiple session/authentication issues with clustering enabled. Our login flow currently starts from a servlet that accepts the credentials, creates the session, then redirect to the welcome page. 
> The first time we execute this flow after the startup of a node, the welcome page can't see at all the session created previously.
> - request.getSession() creates yet another session and a new session cookie is returned.
> - request.getSession(false) returns "null"
> On the second attempt, the flow works as expected.
> The issue can be reproduced on both a single node or a two nodes cluster, as long as <distributable /> is enabled in web.xml. 
> We are currently using the master build https://ci.jboss.org/hudson/job/WildFly-latest-master/2244/, but the problem has been noticed on 10.0.0-Final and also 8.2.1-Final.
> I attached a sample web application that I used to reproduce the issue. Our standalone.xml is also included with the clustering configuration we've been using for the web/session cache.



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list