Re: [Openinteract-dev] Help needed fixing a bug

[<an...@io...>]

Chris Winters wrote:
 > Try that change and see what happens.

I think I found the problem.

I changed the $class->create as you instructed and because it caused the 
problems to be more visible, we figured out how to replicate the problem.

The problem seems to happen in some cases where we do a redirect:

Calling CTX->response->redirect calls $self->save_session, which in case 
of a tied session unties it. When Adapter calls $response->send, the 
$self->save_session is called again, but now the session is untied and 
for some reason lacks the _session_id key.

Previously this just led to an error being reported (since no session 
was created by _create_session and it couldn't be sent to the user) but 
now this results in a new session being created which has no session id 
and thus the user is kicked out.

We fixed this currently by removing the $self->save_session from the 
redirect-function, but I can't say for sure if it is somehow vital that 
the session is saved already at that point. You seem to have added the 
session saving to the redirect function in October 2004, commenting:
"OIN-48: always save the session when doing a redirect"

Do you happen to remember why you did that change? To me it seems that 
the session is always saved in the beginning of $response->send and thus 
the session is always saved even without the call in redirect-function.

I also don't know why untie (or something else) removes the _session_id 
key, but because of that it seems that save_session should not be called 
twice or we end up in problems since we have already lost our session_id.

So.. your insight on the matter would be more than welcome :)

- Antti