Vojtech Szocs has posted comments on this change. Change subject: webadmin: Adapt UI plugin infra REST session timeout ......................................................................
Patch Set 2: Alon, the root cause of this patch is different session expiration mechanism implementation in JavaEE HttpSession vs. Engine user session. Please see my inline comment in patchset 1 where I quoted Einav's description of the problematic scenario. In practice, real lifespan of Engine user session is up to 2 x UserSessionTimeOutInterval, see commit msg for details. So creating REST HttpSession with TTL == UserSessionTimeOutInterval can lead to situation where REST HttpSession is dead while Engine user session is alive. This patch addresses this problem. Assume UserSessionTimeOutInterval = 2min. Imagine you login into WebAdmin GUI and leave it open for 2min, but Engine session will be active for 3min. Imagine UI plugin is inactive for 2min but then at 2:01 decides to make REST request. It will fail -> REST HttpSession is dead but Engine user session is alive. If you know a better way to solve the discrepancy between JavaEE HttpSession vs. Engine user session, please share. -- To view, visit http://gerrit.ovirt.org/36737 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ifa95dba9b1f9647369bd817995c1cbd86f1e528f Gerrit-PatchSet: 2 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Vojtech Szocs <[email protected]> Gerrit-Reviewer: Alexander Wels <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Einav Cohen <[email protected]> Gerrit-Reviewer: Oved Ourfali <[email protected]> Gerrit-Reviewer: Vojtech Szocs <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
