Title | Users prematurely logged out at random |
Date | 29-Mar-2007 18:51:46 EEST |
Version | 2.4.100 |
Submitter | 71.182.134.10 |
Bug criticality | BadBug |
Browser version | Safari 2.0.4 |
Bug status | NewBug |
PageProvider used | com.ecyrd.jspwiki.providers.CachingProvider |
Servlet Container | Tomcat 5.5.20 |
Operating System | Debian GNU/Linux 3.1 |
URL | |
Java version | JDK 1.5.0_09 |
We have a wiki where all users are required to be authenticated. The session timeout is 3 hours, so that users don't need to reathenticate frequently.
When we upgraded from 2.4.82 to 2.4.100, the wiki started asking users to re-login very quickly, sometimes after only a few minutes, sometimes after an hour.
The problem seems to be random--sometimes many users will lose their login at the same moment, sometimes only a few. When multiple logouts happen, they seem to happen at the same time.
The problem seems to happen more frequently when the wiki is doing more work--lots of folks editing pages at the same time.
When we rolled back to the intermediate version 2.4.91, the problem *seemed* to disappear.
I saw that in version 2.4.97, this was added: "WikiEventDelegate now stores all listeners as WeakReferences". Speaking out of my own ignorance, the bug we're seeing looks like a weak reference being reclaimed too soon. Is there any way to log when these weak references are reclaimed, so that we could corelate that with the time that a user reports being logged out? Or can we get the wiki to log when (and why) sessions are discarded, so that we can pin down what's going on?