On 29/05/2023 08:36, Mark Thomas wrote:
On 26/05/2023 09:56, Rémy Maucherat wrote:
Hi,
After looking at BZ 66513, reading things online, the javadoc with its
heavy handed usage warnings, code of PersistentValve and tracing back
all the calls in the PersistentManager itself, my conclusion is that
the functionality provided by that valve is probably not doable
without significant compromises that would likely break most of its
usefulness. This seems to be a core design issue basically, or at
least this is a far more complex problem than what can be achieved
using a quick hack.
I'd like to see if we can find an acceptable hack to enforce the no more
than one concurrent request per session rule. I have some ideas but need
to think them through to find all the edge cases I have missed.
As a result, I would be inclined to propose dropping PersistentValve
in Tomcat 11, and deprecating it in the other branches.
Given bug 66513 it seems that some folks do find it useful. If there is
a set of users for which the Valve is useful then I'd prefer to keep it
if we can (with clearly documented constraints).
If t just isn't possible then removal / deprecation seems reasonable.
How about this?
https://github.com/apache/tomcat/pull/623
I think this is an approach that could work. It addresses the
thread-safety concerns with the first couple of attempts I had at
solving this.
If folks think that a) I haven't missed any other thread-safety issues
and b) enforcing max one request per session is a viable approach then
I'm happy to do the work to clean this up (docs, tests, etc.)
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
