-
Bug
-
Resolution: Done
-
Major
-
22.0.1.Final, 23.0.0.Beta1
-
None
-
Undefined
-
---
-
---
The CLI call to invalidate a session does nothing if the app is distributable:
/deployment=app.war/subsystem=undertow:invalidate-session(session-id=id)
This CLI call ultimately results in an invalidate call to DistributableImmutableSession, which does nothing:
public void invalidate(HttpServerExchange exchange) { // Do nothing }
The CLI operation fetches the session from the manager by id:
Session session = sessionManager.getSession(sessionId);
The DistributableSessionManager only allows an Immutable session to be returned here:
public io.undertow.server.session.Session getSession(String sessionId) { // If requested id contains invalid characters, then session cannot exist and would otherwise cause session lookup to fail if (!IDENTIFIER_SERIALIZER.validate(sessionId)) { return null; } try (Batch batch = this.manager.getBatcher().createBatch()) { try { ImmutableSession session = this.manager.viewSession(sessionId); return (session != null) ? new DistributableImmutableSession(this, session) : null;
The DistributableSessionManager only lets you get a session you can invalidate if you call getSession by the HttpServerExchange, which a CLI command can't do.
So can the DistributableSessionManager be fixed and improved to allow invalidation on the session it hands out by the Id so the CLI command can function?
- clones
-
-
- Verified
-