[ https://issues.apache.org/jira/browse/MYFACES-2754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12879413#action_12879413 ]
Michael Concini commented on MYFACES-2754: ------------------------------------------ initial fix breaks client side state saving in some instances. retesting with a slight change that should resolve it. Will commit the change this afternoon once full testing is completed. > MyFaces can attempt to create a new session after the response has been > committed > --------------------------------------------------------------------------------- > > Key: MYFACES-2754 > URL: https://issues.apache.org/jira/browse/MYFACES-2754 > Project: MyFaces Core > Issue Type: Bug > Components: General > Affects Versions: 1.2.9, 2.0.0 > Reporter: Michael Concini > Assignee: Michael Concini > > As currently implemented, MyFaces can attempt to create a new session after > the response has been committed. This is due to calling saveSerializedView > on the JspStateManagerImpl even in cases where writeState was never called > (e.g. a JSP outcome target with no form tags). This can lead to either an > IllegalStateException being thrown or else extra sessions being created which > wait until the session timeout is reached to be destroyed and thus can lead > to a potential memory leak. Which behavior is seen depends on the appserver > being used and whether it reuses session cookies for the same client. > JSPStateManagerImpl will be updated to set a FacesContext attribute on > writeState to indicate that the state should be written by > saveSerializedView. > On 2.0, FlashImpl also needs to be updated as well to not create a new > session during the remove children operation. Currently we are creating a > new session just to create a new map and then clear it. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.