Allow update of existing WebSession after max sessions limit is reached
#35013
Conversation
…sessions limit is reached Signed-off-by: Mohammad Saeed Nouri <msnsaeed71@gmail.com>
spring-projects-issues
added
the
status: waiting-for-triage
There was a problem hiding this comment.
This PR addresses a important logic in session management.
- The updated condition makes sure that only truly new sessions are blocked when the maximum limit is reached.
- If a session with the same ID already exists, it’s treated as an update, not a new session, and is allowed.
- The fix is minimal, targeted, and clearly improves correctness.
Solid improvement!
|
In order to process this PR, we will need a test to verify whether the proposed change is necessary. Thus, please introduce a test that fails before the change and passes after the change. Thanks |
sbrannen
added
status: waiting-for-feedback
sbrannen
changed the title
…x sessions limit is reached Signed-off-by: Mohammad Saeed Nouri <msnsaeed71@gmail.com>
Thank you for the thoughtful review and kind words 🙏 Appreciate your feedback and support! |
spring-projects-issues
added
status: feedback-provided
This PR adds a test to confirm that updating an existing session (with the same session ID) is still allowed even when the maximum number of sessions has been reached. |
sbrannen
added
type: bug
sbrannen
changed the title
sbrannen
changed the title
WebSession after max sessions limit is reached
sbrannen
added
the
status: backported
Previously, when saving a WebSession, the system did not check whether the session ID already existed. As a result, even if the session being saved was an update to an existing one, it was incorrectly treated as a new session, and a "maximum sessions exceeded" error was triggered. This fix ensures that if a WebSession with the same ID already exists, it will be updated rather than counted as a new session, thereby preventing unnecessary session limit violations. See gh-35013 Closes gh-35018 Signed-off-by: Mohammad Saeed Nouri <msnsaeed71@gmail.com> (cherry picked from commit c04902f)
Thank you very much for merging the code and for your kind words! I appreciate your careful review and the backport effort as well. Glad I could help fix the bug! 👍 |
Previously, when saving a session, the system did not check whether the session ID already existed. As a result, even if the session being saved was an update to an existing one, it was incorrectly treated as a new session, and a "maximum sessions exceeded" error was triggered.
This fix ensures that if a session with the same ID already exists, it will be updated rather than counted as a new session, thereby preventing unnecessary session limit violations.