tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mirek.Su...@intax.cz
Subject Re: Problems with invalidate
Date Thu, 28 Sep 2000 18:49:47 GMT

Nick, thank you for your advice!

I replaced the code (which workes under Tomcat 3.1, but does not work under
Tomcat 3.2 beta 3)

  session.invalidate();
  session = request.getSession (true);
  beanX=new Vector();
  session.putValue("beanX", beanX);

with code

  Enumeration names = session.getAttributeNames();
  while ( names.hasMoreElements() )
  {
    session.removeValue( (String) names.nextElement() );
  }
  beanX=new Vector();
  session.putValue("beanX", beanX);

and now it works under Tomcat 3.2 beta 3 (and Tomcat 3.1, too - of course).

You had a nice idea, realy!
But I think it is a solution only from the practice point of view,
but from the level of concept of sessions it is not correct.

I think, that invalidating of current session (with session.invalidate()
method)
and creating of the new session (with request.getSession (true) method)
is quite adequate to concept of sessions according to Specification JSP 2.2
and 2.3, too.

So I want to report this as a bug of Tomcat 3.2 beta 3, but I do not where!
Can you tell me the URL address for reporting of bugs of Tomcat?

Thank you very much for your help!

By
       Mirek Subrt



                                                                                         
        
                    Nick.Holloway@alfie.d                                                
        
                    emon.co.uk (Nick             To:     tomcat-user@jakarta.apache.org  
        
                    Holloway)                    cc:                                     
        
                    Sent by:                     Subject:     Re: Problems with invalidate
       
                    Nick.Holloway@pyrites                                                
        
                    .org.uk                                                              
        
                                                                                         
        
                                                                                         
        
                    28.09.2000 12:03                                                     
        
                    Please respond to                                                    
        
                    tomcat-user                                                          
        
                                                                                         
        
                                                                                         
        




Mirek.Subrt@intax.cz writes:
>  Can you tell me, why session.invalidate() and session.putValue() methods
>  work only with Tomcat 3.1 and not with Tomcat 3.2 beta 3?
> [...]
>  session.invalidate();
>  session = request.getSession (true);
>  beanX=new Vector();
>  session.putValue("beanX", beanX);

The behaviour you were relying on in 3.1 was that if the current
HttpSession was not valid, then a calling "request.getSession(true)"
would create a new session.

The documentation I have to hand (servlet23_PublicDraft1) has:

    public HttpSession getSession(boolean create)

    Returns the current HttpSession associated with this request or, if if
    there is no current session and create is true, returns a new session.

    If create is false and the request has no valid HttpSession, this
    method returns null.

It would seem in Tomcat 3.2 once the session is associated with a request,
it remains associated, even though it is no longer valid.  This doesn't
actually conflict with the first paragraph.

However, there might be a bug in 3.2 (looking at the old copy of the
code I have) in that the following code would not return null, but will
return an invalid session, which conflicts with the second paragraph.

    session.invalidate()
    session = request.getSession(false);

Try reporting the behaviour you are seeing as a bug, and see if it
a) either gets fixed, or b) it is confirmed as being part of the
specification.

You could avoid this problem entirely by re-using the session object, but
manually clearing all elements.

    Enumeration names = session.getAttributeNames();
    while ( names.hasMoreElements() )
    {
     session.removeValue( (String) names.nextElement() );
    }

--
 `O O'  | Nick.Holloway@pyrites.org.uk
// ^ \\ | http://www.pyrites.org.uk/




Mime
View raw message