[DRILL-4353] Expired sessions in web server are not cleaning up resources, leading to resource leak - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: 1.5.0
Fix Version/s: 1.5.0
Component/s: Client - HTTP, Web Server
Labels:
None

Description

Currently we store the session resources (including DrillClient) in attribute SessionAuthentication object which implements HttpSessionBindingListener. Whenever a session is invalidated, all attributes are removed and if an attribute class implements HttpSessionBindingListener, listener is informed. SessionAuthentication implementation of HttpSessionBindingListener logs out the user which includes cleaning up the resources as well, but SessionAuthentication relies on ServletContext stored in thread local variable (see here). In case of thread that cleans up the expired sessions there is no ServletContext in thread local variable, leading to not logging out the user properly and resource leak.

Fix: Add HttpSessionEventListener to cleanup the SessionAuthentication and resources every time a HttpSession is expired or invalidated.

Attachments

Activity

People

Assignee:: Venki Korukanti

Reporter:: Venki Korukanti

Reviewer:: Rahul Kumar Challapalli

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 04/Feb/16 21:39

Updated:: 18/Feb/16 22:18

Resolved:: 09/Feb/16 00:53