On 23/12/2009 03:08, Konstantin Kolinko wrote: > I would say that it is not so easy to review all places where > isValid() is called. > > I see two more approaches available here: > A). Place fix in StandardSession.expire(boolean) > That is, wrap the call to listener.sessionDestroyed(event); with > setting and then clearing the TCCL. > The fireContainerEvent() calls above and below that line probably do > not need webapp's classLoader, though I am not sure. > The Context reference is available there, so Loader can be obtained. > > B). Implement a wrapper for HttpSessionListener that sets TCCL before > calling the wrapped listener. Add wrappers when the listeners are > added to the webapp. > > The if (!(listeners[j] instanceof HttpSessionListener)) check in > StandardSession.notify() code means that it has to be a wrapper that > specifically implements the HttpSessionListener interface. > > Any thoughts?
Moving the fix to StandardSession.expire() works for me. Given that in normal circumstances the TCCL is set for the entire method, I'd set the TCCL outside the loop that iterates over the listeners and reset it just after the loop. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
