[SHIRO-399] Memory leak for invalid sessions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.2.1
Fix Version/s: 1.2.2
Component/s: None
Labels:
- patch
- patch-with-test

Description

Have a session and wait till gets invalidated via logout/expiration.
In a SessionListener implementation for the session the client code can try to clean-up the session (what I originally did: session.removeAttributes() but doing so throws an InvalidSessionException because the session is already invalidated by the time it reaches the listener)
This unexpected exception alters the normal flow, hence the code that should delete the session never gets executed, hence the invalidated session data hangs forever either in memory or other storage.

This can be avoided with well behaved client code-which knows that it shouldn't try to clean an expired session, but it should be also handled on your side as well and to enclose some code in try/finally blocks.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

patch.txt
26/Nov/12 14:45
5 kB
Bogdan Flueras

Activity

People

Assignee:: Unassigned

Reporter:: Bogdan Flueras

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 26/Nov/12 09:58

Updated:: 15/Jul/16 15:04

Resolved:: 17/Apr/13 04:51