Uploaded image for project: '[Read Only] - Hippo Site Toolkit 2'
  1. [Read Only] - Hippo Site Toolkit 2
  2. HSTTWO-4192

When session pool is exhausted, binaries servlet can behave incorrectly possibly not freeing locked blocking cache entries

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Top
    • Resolution: Fixed
    • None
    • 5.2.0
    • None
    • None
    • Turing Sprint 172

    Description

      org.hippoecm.hst.servlet.BinariesServlet#getSessionUserID returns null in case of a RepositoryException (and note a NoSessionAvailableException from the session pools is wrapped in a RepositoryException).

      After null is returned, org.hippoecm.hst.servlet.BinariesServlet#getPageFromCacheOrLoadPage creates an incorrect cachekey, resulting in the blocking cache being blocked on an incorrect key. If then after this, the

      page = getBinaryPage(request, resourcePath);
      

      succeeds, another cachekey is put, resulting in a different key being put (with a non null sessionUserId). The code has grown in this way because many methods are protected, making some changes that would ease the flow of the code impossible because of BC issues.

      The fix for now is simple: Let org.hippoecm.hst.servlet.BinariesServlet#getSessionUserID throw an IllegalStateException in case of a repository exception (note that since the method is protected I cannot change its signature without risking to have BC issues for end projects)

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              aschrijvers Ard Schrijvers
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: