Skip to main content

[tyrus~code:4240234a] TYRUS-225: Unauthorized Invalidated session should not cause WebSocket se

  • From:
  • To:
  • Subject: [tyrus~code:4240234a] TYRUS-225: Unauthorized Invalidated session should not cause WebSocket se
  • Date: Wed, 7 Aug 2013 17:33:48 +0000

Project:    tyrus
Repository: code
Revision:   4240234a6be3657192ba1d0f4fe7ddc497e2c703
Author:     jerseyrobot
Date:       2013-08-07 17:07:20 UTC
Link:       

Log Message:
------------
TYRUS-225: Unauthorized Invalidated session should not cause WebSocket 
session invalidation



Revisions:
----------
4240234a6be3657192ba1d0f4fe7ddc497e2c703


Modified Paths:
---------------
containers/servlet/src/main/java/org/glassfish/tyrus/servlet/TyrusHttpUpgradeHandler.java


Diffs:
------
--- 
a/containers/servlet/src/main/java/org/glassfish/tyrus/servlet/TyrusHttpUpgradeHandler.java
+++ 
b/containers/servlet/src/main/java/org/glassfish/tyrus/servlet/TyrusHttpUpgradeHandler.java
@@ -223,17 +223,16 @@ public class TyrusHttpUpgradeHandler implements 
HttpUpgradeHandler, ReadListener
     /**
      * Called when related {@link javax.servlet.http.HttpSession} is 
destroyed or invalidated.
      * <p/>
-     * Implementation is required to call onClose() on server-side with 
corresponding close code (1006 or 1008, see
-     * WebSocket spec 7.2 and 2.1.5).
+     * Implementation is required to call onClose() on server-side with 
corresponding close code (1008, see
+     * WebSocket spec 7.2) - only when there is an authorized user for this 
session.
      */
     public void sessionDestroyed() {
         if (authenticated) {
             // websocket spec 7.2 [WSC-7.2-3]
             httpSessionForcedClose(new 
ClosingFrame(CloseReason.CloseCodes.VIOLATED_POLICY.getCode(), "No reason 
given."));
-        } else {
-            // websocket spec 2.1.5
-            httpSessionForcedClose(new 
ClosingFrame(WebSocket.ABNORMAL_CLOSE, "No reason given."));
         }
+
+        // else do nothing.
     }
 
     @Override





[tyrus~code:4240234a] TYRUS-225: Unauthorized Invalidated session should not cause WebSocket se

jerseyrobot 08/07/2013
 
 
Close
loading
Please Confirm
Close