Handle the unlikely case where different versions of a web applicatio…

…n are deployed with different session settings git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc8.0.x/trunk@1713185 13f79535-47bb-0310-9956-ffa450edef68
apache · Nov 7, 2015 · 41fbee7 · 41fbee7
1 parent 95e6448
commit 41fbee7
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 19 deletions.
diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java
@@ -939,9 +939,11 @@ protected boolean postParseRequest(org.apache.coyote.Request req, Request reques
                                 // Reset mapping
                                 request.getMappingData().recycle();
                                 mapRequired = true;
-                                // Recycle cookies in case correct context is
-                                // configured with different settings
+                                // Recycle cookies and session info in case the
+                                // correct context is configured with different
+                                // settings
                                 req.getCookies().recycle();
+                                request.recycleSessionInfo();
                             }
                             break;
                         }

diff --git a/java/org/apache/catalina/connector/Request.java b/java/org/apache/catalina/connector/Request.java
@@ -491,18 +491,7 @@ public void recycle() {
         notes.clear();
         cookies = null;
 
-        if (session != null) {
-            try {
-                session.endAccess();
-            } catch (Throwable t) {
-                ExceptionUtils.handleThrowable(t);
-                log.warn(sm.getString("coyoteRequest.sessionEndAccessFail"), t);
-            }
-        }
-        session = null;
-        requestedSessionCookie = false;
-        requestedSessionId = null;
-        requestedSessionURL = false;
+        recycleSessionInfo();
 
         if (Globals.IS_SECURITY_ENABLED || Connector.RECYCLE_FACADES) {
             parameterMap = new ParameterMap<>();
@@ -545,11 +534,24 @@ public void clearEncoders() {
     }
 
 
-    /**
-     * Clear cached encoders (to save memory for Comet requests).
-     */
-    public boolean read()
-        throws IOException {
+    protected void recycleSessionInfo() {
+        if (session != null) {
+            try {
+                session.endAccess();
+            } catch (Throwable t) {
+                ExceptionUtils.handleThrowable(t);
+                log.warn(sm.getString("coyoteRequest.sessionEndAccessFail"), t);
+            }
+        }
+        session = null;
+        requestedSessionCookie = false;
+        requestedSessionId = null;
+        requestedSessionURL = false;
+        requestedSessionSSL = false;
+    }
+
+
+    public boolean read() throws IOException {
         return (inputBuffer.realReadBytes(null, 0, 0) > 0);
     }
 

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
@@ -157,6 +157,10 @@
         <bug>58582</bug>: Combined realm should perform background processing
         on its sub-realms. Based upon a patch provided by Aidan. (schultz)
       </fix>
+      <fix>
+        Handle the unlikely case where different versions of a web application
+        are deployed with different session settings. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">