struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Prasanth <>
Subject Re: Struts2 login action class seems to be reused
Date Wed, 16 May 2018 19:21:12 GMT
Another update,  the LoginAction in Context2 had the below methods, two methods to set the
request. May be I have done RequestAware and then realized it should be ServletRequestAware
and did not
delete the setRequest method. I think having the setRequest is the culprit for the invalid
session exception. I have went back and forth and when I have this method I can reproduce
the error and when
I remove this method I don't get the error.

While implementing the SessionAware I removed this additional method also, so it worked but
I was thinking that SessionAware implementation solved the issue.

Any insights as to why this additional setRequest method causes the problem? Would struts2
call this setRequest method even if the class is implementing just ServletRequestAware?

    public void *setServletRequest*(HttpServletRequest request) {
        this.request = request;

     * @return the request
    public HttpServletRequest getRequest() {
        return this.request;

     * @param aRequest the request to set
    public void *setRequest*(HttpServletRequest aRequest) {
        this.request = aRequest;


On 05/16/2018 12:44 PM, Prasanth wrote:
> We use the path as / for the cookie path that allows the session to be shared between
context1 and context2. The JSESSIONID also remains the same when the request is forwarded.
> Martin asked me if  the action is session aware. It was not implementing SessionAware
interface even though session was accessed (using request.getSession()). Artifact of code
from struts1, that
> part of the code did not change when we moved the action to struts2. So decided to change
it and use the session map provided by struts2. Once I have added SessionAware I am not able
to reproduce
> the session invalid exception, did not have a problem reproducing the issue before. Is
this expected?
> Thanks,
> Prasanth
> On 05/16/2018 10:40 AM, Yasser Zamani wrote:
>> On 5/16/2018 7:23 PM, Prasanth wrote:
>>>  Exception: java.lang.IllegalStateException: UT000010: Session is invalid r4yb7BtBx7fwmGbzMhgeyhvSFb3sAp6FhW6m-5Op
>>>     at io.undertow.server.session.InMemorySessionManager$SessionImpl.getAttribute(
>>>     at io.undertow.servlet.spec.HttpSessionImpl.getAttribute(
>>>     at com.xxxxxx.xxxxxx.LoginAction.execute(
>> Could you see if "Best Practices: Cross-Context Dispatching and Session
>> Handling" [1] fixes your issue? However, it's about Servlets not Struts.
>> Regards.
>> [1]
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message