https://issues.apache.org/bugzilla/show_bug.cgi?id=47774
Summary: Illegal context class loader is used when
HttpSessionListener is executed.
Product: Tomcat 6
Version: 6.0.20
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
AssignedTo: dev@tomcat.apache.org
ReportedBy: fujino.keii...@oss.ntt.co.jp
--- Comment #0 from Keiichi Fujino <fujino.keii...@oss.ntt.co.jp> 2009-09-01
01:58:42 PDT ---
When HttpSessionListener is executed, illegal class loader is set to the
context classLoader.
I think that the problem is in CoyoteAdapter#parseSessionCookiesId method.
JSESSION COOKIE is parsed in this method, and sessionId is set to the request.
To check sessionId, Request#isRequestedSessionIdValid method is called in this
method.
And, Session#isValid() might be called in Request#isRequestedSessionIdValid
method.
However, the context class loader of a current thread is StandardClassLoader.
It is not WebappClassLoader.
For instance,
When the session has already passed session-timeout,
Session#expire is executed.
At this time, the context class loader of the thread that executes
HttpSessionListenner#sessionDestroyed is StanderdClassLoader.
This is not good.
The context class loader of the thread that executes HttpSessionListenner
should be WebAppClassLoader.
Best regards.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
