Peter Rossbach wrote:
> Hmm,
>
> but I can't find a statement that the valueUnbound get an invalid
> session, when it called after sessionDestoryed.
>
> HttpSessionBindingListener ===
> /**
> *
> * Notifies the object that it is being unbound
> * from a session and identifies the session.
> *
> * @param event the event that identifies
> * the session
> * * @see #valueBound
> *
> */
>
> public void valueUnbound(HttpSessionBindingEvent event);
> ====
>
> I thing the part "identifies the session" is in conflict with the
> current tomcat implementation.
Interface HttpSessionBindingListener:
Causes an object to be notified when it is bound to or unbound from a
session. The object is notified by an HttpSessionBindingEvent object.
This may be as a result of a servlet programmer explicitly unbinding an
attribute from a session, due to a session being invalidated, or due to
a session timing out.
> Today the user get a IllegalStateException at event.getSession().getId()
> instead the session identifier.
> The current servlet spec is not clear at this session event definition. :(
>
> What is correct?
> - current handling
> - emit remove session event and after this the session is invalid
> - remove emit event after invalidation
>
> What we can do?
> - document the situation
> Add lifecycle diagrams ( state flow)
> - propose a change to the spec team
> Don't emit remove session attribute events, when session
> destoryed, like ServletContext and ServletRequest handling ( my favorit)
> Only direct removeAttribute calls, emit remove event.
I give up ;)
Yes, the current behavior is certain to be the correct one.
Rémy
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
|