Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jetty keeps Sessions in use after "Duplicate valid session cookies" Message #6085

Closed
ssoec4u opened this issue Mar 23, 2021 · 3 comments · Fixed by #6096 or #6103
Closed

Jetty keeps Sessions in use after "Duplicate valid session cookies" Message #6085

ssoec4u opened this issue Mar 23, 2021 · 3 comments · Fixed by #6096 or #6103
Assignees
@janbartel
Projects
Jetty 9.4.39 Jetty 10.0.2/11.0.2

Comments

@ssoec4u
Copy link

ssoec4u commented Mar 23, 2021

Jetty version
9.4.26

Java version
openjdk version "10.0.2" 2018-07-17

OS type/version
CentOS Linux 7 (core)

Description
After getting org.eclipse.jetty.http.BadMessageException: 400: Duplicate valid session cookies jetty keeps the duplicate sessions in use state (request counter in session >0). Thats why these session will not be invalidated by the HouseKeeper-Thread.
Is this a bug in jetty?
@gregw gregw added this to To do in Jetty 9.4.38 via automation Mar 23, 2021
@janbartel
Copy link
Contributor

@ssoec4u I will put in a fix for this to ensure that duplicate valid sessions have their request counts decremented correctly.

But how the heck did you manage to get multiple sessions with different ids created, and moreover get the client to send more than 1 JSESSIONID cookie?

Also, you're more than 10 releases of jetty behind, it would be best if you could upgrade.

janbartel added a commit that referenced this issue Mar 23, 2021
@janbartel
Issue #6085 Fix reference counts for multiple valid cookies for sesss…
76a2363 
…ions

Signed-off-by: Jan Bartel <janb@webtide.com>
@janbartel janbartel mentioned this issue Mar 23, 2021
Merged
janbartel added a commit that referenced this issue Mar 24, 2021
@janbartel
Issue #6085 Fix reference counts for multiple valid cookies for sessi…
6d8ae9c 
…ons (#6088)

* Issue #6085 Fix reference counts for multiple valid cookies for sesssions

Signed-off-by: Jan Bartel <janb@webtide.com>
@janbartel
Copy link
Contributor

Fixed via #6088.

Jetty 9.4.38 automation moved this from To do to Done Mar 24, 2021
@janbartel janbartel self-assigned this Mar 24, 2021
janbartel added a commit that referenced this issue Mar 24, 2021
@janbartel
Issue #6085 Fix reference counts for multiple valid cookies for sessi…
20dd419 
…ons (#6088)

* Issue #6085 Fix reference counts for multiple valid cookies for sesssions

Signed-off-by: Jan Bartel <janb@webtide.com>
@janbartel janbartel mentioned this issue Mar 24, 2021
Merged
janbartel added a commit that referenced this issue Mar 24, 2021
@janbartel
Issue #6085 Fix reference counts for multiple valid cookies for sessi…
fd05a3d 
…ons (#6088) (#6096)

* Issue #6085 Fix reference counts for multiple valid cookies for sesssions

Signed-off-by: Jan Bartel <janb@webtide.com>
@olamy olamy moved this from Done to To do in Jetty 9.4.38 Mar 25, 2021
@janbartel janbartel removed this from To do in Jetty 9.4.38 Mar 25, 2021
@janbartel janbartel added this to Done in Jetty 9.4.39 Mar 25, 2021
@gregw gregw added this to To do in Jetty 10.0.2/11.0.2 via automation Mar 25, 2021
@gregw gregw moved this from To do to Done in Jetty 10.0.2/11.0.2 Mar 25, 2021
@gregw gregw reopened this Mar 25, 2021
Jetty 10.0.2/11.0.2 automation moved this from Done to In progress Mar 25, 2021
@gregw gregw linked a pull request Mar 25, 2021 that will close this issue
Issue #6085 Fix reference counts for multiple valid cookies for sessions #6096
Merged
@gregw gregw closed this as completed Mar 25, 2021
Jetty 10.0.2/11.0.2 automation moved this from In progress to Done Mar 25, 2021
@ssoec4u
Copy link
Author

ssoec4u commented Mar 25, 2021

@ssoec4u I will put in a fix for this to ensure that duplicate valid sessions have their request counts decremented correctly.

But how the heck did you manage to get multiple sessions with different ids created, and moreover get the client to send more than 1 JSESSIONID cookie?

Also, you're more than 10 releases of jetty behind, it would be best if you could upgrade.

The problem can be understood if you call up a web link from an Excel (Microsoft) in a Window 10 with the current IE Edge. The condition is that the website uses session cookies for this.
If you then call up the link at least twice, the message appears in the log file.

janbartel added a commit that referenced this issue Mar 25, 2021
@janbartel
Issue #6085 Fix duplicate valid session cookies to pick first valid.
c1cb9fe 
Signed-off-by: Jan Bartel <janb@webtide.com>
@janbartel janbartel mentioned this issue Mar 25, 2021
Merged
@janbartel janbartel linked a pull request Mar 25, 2021 that will close this issue
Issue #6085 Fix duplicate valid session cookies to pick first valid. #6103
Merged
sbordet added a commit that referenced this issue Mar 25, 2021
@sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
2cd5990 
Cosmetic changes.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet added a commit that referenced this issue Mar 25, 2021
@sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
1aa1ca4 
Fixed typo and stopping server & client in testMulitpleIdenticalSessionCookies().

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet added a commit that referenced this issue Mar 25, 2021
@sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
eb7e588 
Signed-off-by: Jan Bartel <janb@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet added a commit that referenced this issue Mar 25, 2021
@sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
c4e3f54 
Cosmetic changes.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet pushed a commit that referenced this issue Mar 25, 2021
@janbartel @sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
af042ba 
Signed-off-by: Jan Bartel <janb@webtide.com>
sbordet added a commit that referenced this issue Mar 25, 2021
@sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
64006c6 
Cosmetic changes.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet added a commit that referenced this issue Mar 25, 2021
@sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
f6afdc5 
Fixed typo and stopping server & client in testMulitpleIdenticalSessionCookies().

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet added a commit that referenced this issue Mar 25, 2021
@sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
4356277 
Signed-off-by: Jan Bartel <janb@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet added a commit that referenced this issue Mar 25, 2021
@sbordet
Issue #6085 Fix duplicate valid session cookies to pick first valid.
e068119 
Cosmetic changes.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@janbartel janbartel

Labels
None yet
Projects
No open projects
Jetty 10.0.2/11.0.2
Done
Jetty 9.4.39
Done
Milestone
No milestone
3 participants
@gregw @janbartel @ssoec4u