Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-2902

Session token usage error: java.lang.IllegalStateException: Context has not been prepared for next connection

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.1.2
    • 2.1.3
    • Core Interceptors
    • None

    Description

      I have looked into the source code and found the reason. In TokenInterceptor.doIntercept(...), there is this code:

      Map session = ActionContext.getContext().getSession();

      synchronized (session) {
      if (!TokenHelper.validToken())

      { return handleInvalidToken(invocation); }

      return handleValidToken(invocation);
      }

      This block is essentially not synchronized! I found that the session Map is not a unique object across requests within an user session - in contrast with the HttpSession object provided by the Servlet API. Perhaps that should be considered the real bug?

      A previous bug WW-1786 also points out that the above block is not synchronized - that fix would be redundant once this issue is resolved.

      Attachments

        Issue Links

          incorporates

          Bug - A problem which impairs or prevents the functions of the product. WW-1786 using session-token interceptor generates FreeMarker template error

          • Major - Major loss of function.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. WW-2905 ExecuteAndWaitInterceptor: Synchronize on HttpSession rather than session map from context

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              nagarjuna Sitaram Reddy
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: