Home/ Questions/Q 7847723
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T17:59:17+00:00

In the application, we use to switch sessions once the user mode is changed.

  • 0

In the application, we use to switch sessions once the user mode is changed.

So basically we have something like this:

request.getSession(false).invalidate();
request.getSession(true);

Now happens the problem: after timeout, the session is not removed. After debugging some internal code, I found out that in org.eclipse.jetty.server.session.AbstractSession.timeout() the session is not removed if _requests > 0. And the _requests is greater then zero, since in org.eclipse.jetty.server.session.SessionHandler.doScope(String, Request, HttpServletRequest, HttpServletResponse) the complete() runs on the access session is increased and the same session is decreased, even if during the invocation the actual session was replaced!

Did anyone experience the same problem and managed to solve it?

Updated: I created a workaround. See accepted answer below.

Updated: Bug in Jersey Community: https://bugs.eclipse.org/bugs/show_bug.cgi?id=377610

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I have solved this problem, by overriding the SessionHandler:

    import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.session.SessionHandler;

public class MySessionHandler extends SessionHandler {

    @Override
    public void doScope(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {

        HttpSession oldSession = request.getSession(false);
        super.doScope(target, baseRequest, request, response);
        HttpSession newSession = request.getSession(false);

        if (newSession != null && oldSession != newSession) {
            getSessionManager().complete(newSession);
        }
    }
}

    In the application’s context:

    <Set name="sessionHandler">
     <New class="*************.MySessionHandler">
     </New>
</Set>
    • 0