org.apache.tomcat.websocket.WsSession.requestUri can be null [SPR-15721]

[spring-projects-issues]

Artem Bilan opened SPR-15721 and commented

The recent change to the StandardWebSocketSession via #20276, particularly the code:

@Override
public URI getUri() {
	Assert.state(this.uri != null, "WebSocket session is not yet initialized");
	return this.uri;
}

Produces the problem on the client side when we have, according org.apache.tomcat.websocket.WsSession JavaDocs:

* @param requestUri           The URI used to connect to this endpoint or
*                             <code>null</code> is this is a client session

Therefore that Assert has to be removed.

At the same time I'm not pretty sure how we may have it like:

@Nullable
private URI uri;

and say that it can't be null in the getUri().

Thanks

---

Affects: 5.0 RC3

Issue Links:

• Extend null-safety to field level [SPR-15720] #20276 Extend null-safety to field level

Referenced from: commits 9afce23

[spring-projects-issues]

Juergen Hoeller commented

Indeed, previously that code was checking for the native session to be generally initialized, and now it checks for the uri field specifically. There is indeed a mismatch here: Since this implements the WebSocketSession.getUri() method there, we'll have to mark that method @Nullable at the interface level, matching the runtime invocation semantics.

As for the current mismatch between field and accessor, this is not so unusual: The uri field is initially not set (therefore nullable) and only populated on initializeNativeSession. From then onwards, the accessors expect non-null state, and the assertion just says "you called the accessor before initializing the native session". Now, for getUri() specifically, it may remain null even after the native session, which we need to fix as discussed above.

[spring-projects-issues]

Artem Bilan commented

Thanks, Juergen, for quick turnaround!

Works well now.