search

zcwslnh / javamelody

Automatically exported from code.google.com/p/javamelody
0 stars 0 forks source link

Since tomcat 6.0.21 and when tomcat based authentication is used, session count is false #66

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Since tomcat 6.0.21 and when tomcat based authentication is used, the number of 
sessions in the graphic is false and there is a possible memory leak for 
invalidated http sessions.

Original issue reported on code.google.com by evernat@free.fr on 27 Nov 2010 at 3:59

GoogleCodeExporter commented 9 years ago 
This is because of the changes for tomcat enhancement 45255: 
https://issues.apache.org/bugzilla/show_bug.cgi?id=45255
With these changes and when tomcat authentication is used, 
HttpSessionListener.sessionCreated is called twice for the same session but 
with different ids. And HttpSessionListener.sessionDestroyed is called only 
once.

To tomcat experts: Isn't an http session supposed to die first before being 
able to born a second time?

Original comment by evernat@free.fr on 27 Nov 2010 at 4:00

GoogleCodeExporter commented 9 years ago 
fixed in trunk (revision 1483) and ready for next release (1.23)

Original comment by evernat@free.fr on 27 Nov 2010 at 4:01