2011/6/27 Martin Kouba <[email protected]>: > Recently I've been using adapted code of CrawlerSessionManagerValve from > Tomcat 7 on Tomcat 6 (JBossWeb 2.1.4 respectively). It works well. However I > observed a lot of HTTP sessions that were created even if > CrawlerSessionManagerValve logged sucessfull bot detection. Finally I found > that problem is in the way CrawlerSessionManagerValve removes expired > session infos. See > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.tomcat/tomcat-catalina/7.0.14/org/apache/catalina/valves/CrawlerSessionManagerValve.java#CrawlerSessionManagerValve.backgroundProcess%28%29. > > The problem occurs in case of bot makes pause between requests that lasts at > least "sessionInactiveInterval" and is not shorter than > "sessionInactiveInterval" + 60 seconds. In this situation the real HTTP > session is already destroyed but corresponding SessionInfo still exists. > CrawlerSessionManagerValve detects bot and finds SessionInfo. New HTTP > session is created but CrawlerSessionManagerValve just changes sessionInfo > lastAccessed property (because sessionInfo != null). > > The problem code is in method backgroundProcess() where expireTime is > resolved: (sessionInactiveInterval + 60) * 1000. It's possible that those > +60 seconds have some meaning nevertheless they may cause creation of > hundreds of useless HTTP sessions. My opinion is that backgroundProcess() is > not the right way to remove expired session infos. I guess that more > suitable solution is to make CrawlerSessionManagerValve implementor of > org.apache.catalina.SessionListener and remove expired session info on > SESSION_DESTROYED_EVENT.
It would be nice if you'd open an issue in Bugzilla. You can include a link back to this thread, http://marc.info/?t=130918115200005&r=1&w=2 > I tried to modify the code and it seems that > CrawlerSessionManagerValve works now even better. You can attach a patch to the issue. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
