[
https://issues.apache.org/jira/browse/WW-3582?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lucy updated WW-3582:
---------------------
Summary: Token Interceptor is holding HttpSession lock which can trigger
deadlocks (was: Token Interceptor is holding HttpSession lock which can
trigger deaklocks)
> Token Interceptor is holding HttpSession lock which can trigger deadlocks
> -------------------------------------------------------------------------
>
> Key: WW-3582
> URL: https://issues.apache.org/jira/browse/WW-3582
> Project: Struts 2
> Issue Type: Bug
> Components: Core Interceptors
> Affects Versions: 2.2.1
> Environment: Any (windows/Linux)
> Reporter: Lucy
>
> In class TokenInterceptor::doIntercept() function, it was using HttpSession
> lock when check tokens, it should release the lock before calling
> invocation.invoke().
> Because invocation.invoke() was called inside the httpsession lock, it will
> hold the lock until all the other intercetors listed after the token
> interceptor have been processed.
> (This triggered a dead lock in our software environment.)
> It should release the lock before it calls invocation.invoke();
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
