[ https://issues.apache.org/jira/browse/WW-4409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rob Baily updated WW-4409: -------------------------- Priority: Minor (was: Major) > Modify the TokenInterceptor not to lock the session object while handling and > invalid token > ------------------------------------------------------------------------------------------- > > Key: WW-4409 > URL: https://issues.apache.org/jira/browse/WW-4409 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors > Affects Versions: 2.3.18 > Reporter: Rob Baily > Priority: Minor > Attachments: tokeninterceptor.patch > > > Similar to WW-3582. Currently the In TokenInterceptor class in the > handleToken method there is a lock on the session object and the > handleInvalidToken method is called within that block. In our environment we > overrode the handleInvalidToken and it turned out that when this method ran > long that any other requests for the user were immediately blocked and the > threads were locked up and unable process any further requests. > I would like to see if we can change the handleToken method not to lock the > session when calling the method to handle an invalid token. I realize that > it may not be an ideal implementation and the base implementation should be > fast but it does seem like the time an object is locked should be minimized. > I don't know if there is a reason that the invalid method would need to be in > that block. > I am including a patch for the change on this. It does not affect the tests > and I do not know if there is a good way to add a test that would check the > locking. -- This message was sent by Atlassian JIRA (v6.3.4#6332)