|
Mantis - Resin
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 4419 | major | sometimes | 03-02-11 00:54 | 03-04-11 11:41 | |
|
|
|||||
| Reporter: | vicsanca | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | 4.0.14 | ||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 4.0.16 | ||
|
|
|||||
| Summary: | 0004419: Session not invalidated | ||||
| Description: |
Apache 2.2 on CentOS 5.5 and Resin 4.0.14. Session sometimes is not invalidated on timeout. We have 2 test pages: sesion.jsp --> Set session timeout in 60 seconds and store variable in session sesion2.jsp --> Shows session timeout and session variable. We enter on sesion.jsp, wait for more than 60 seconds. Go to sesion2.jsp and shows the default webapp session timeout(3600 in my server) and variable is still on session. So resin is not invalidating session correctly on timeout. |
||||
| Steps To Reproduce: | |||||
| Additional Information: |
Test pages sesion.jsp <%@ page contentType="text/plain; charset=utf-8" language="java" %> <% out.println("ID: "+session.getId()); session.setMaxInactiveInterval(60); out.println("Session timeout fixed in: "+session.getMaxInactiveInterval()); session.setAttribute("foo",new String("Hello world")); out.println(session.getAttribute("foo")); %> Shows: ID: aaa_M3wAHt7wK-GHXD15s Session timeout fixed in: 60 Hello world sesion2.jsp <%@ page contentType="text/plain; charset=utf-8" language="java" %> <% out.println("ID: "+session.getId()); out.println("Session timeout is: "+session.getMaxInactiveInterval()); out.println(session.getAttribute("foo")); %> Shows after 90 seconds ID: aaa_M3wAHt7wK-GHXD15s Session timeout is: 3600 Hello world |
||||
| Relationships | |||||
| Attached Files: | |||||
| Notes | |||||
|
|
|||||
|
|
||||