LDEV-5260 Prevent EventStream retransmission from invalidating session Event Stream, which LAMS uses for reactive communication via Flux, ke…
Show more
LDEV-5260 Prevent EventStream retransmission from invalidating sessionEvent Stream, which LAMS uses for reactive communication via Flux, keepsa line open between browser and LAMS. If this line is consideredstalled, usually because there is no interaction neither on back nor onfront end, it closes. It happens after about 5 minutes.If in the meantime the teacher navigated to another LAMS lesson via LMS,he/she gets reauthenticated via integrations mechanism and gets a newHTTP session ID. This works fine and allows working on multiplemonitoring windows via LMS.If now the stalled Event Stream sends a message to LAMS, it uses the oldsession ID, not the new one. It happens even when the monitoring windowwhere the Event Stream was created gets closed. It is a browser"feature".This request with old session ID gets picked up by LAMS double loginprevention mechanism. LAMS does not allow users to be logged in to sameaccount on two browsers. And this Event Stream retransmission looks likea double login. So LAMS invalidates the correct current session.It results in teacher getting logged out from the monitoring window andgetting the login page on refresh.The fix is just throwing an exception on Event Stream retransmissionwhich would otherwise invalidate the current session. It should be goodenough as the Event Stream does not need a valid response, no one iswaiting for one anymore.
Show less
