1. There can only be one Cocoon Session per HttpSession. Creation of this must be thread safe.
2. The code propsed will not work:
public Session getSession(boolean create) {
// we must assure a 1:1-mapping of server session to cocoon session
javax.servlet.http.HttpSession serverSession = this.req.getSession(create);
if (serverSession != null) {
synchronized (serverSession) {
// retrieve existing wrapper
this.session =
(HttpSession)serverSession.getAttribute(HTTP_SESSION);
if (this.session == null) {
// create wrapper
this.session = new HttpSession(serverSession);
serverSession.setAttribute(HTTP_SESSION, this.session);
}
}
} else {
// invalidate
this.session = null;
}
return this.session;
}serverSession is a local variable. Synchronizing it accomplishes nothing since every caller gets their own copy. Sytnchronizing on a member of the HttpRequest object also accomplishes nothing.
I'm still trying to think of a solution I like.
Ralph
