tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Young" <java...@onyourside.net>
Subject Re: Does HttpSessionBindingListener get called when session times out (was: RE: Could this be a bug in tomcat)
Date Sat, 26 Apr 2003 04:16:04 GMT
OK, let me ask this:

Is HttpSessionBindingListener.valueUnbound() called just before the session
is going to be invalidated?

That is, inside valueUnbound() method, is it legal to call
session.getAttribute() method to get hold of any attributes?

I just tested this, but I still get the following Tomcat exception.  As far
as I can tell, Tomcat didn't use to behave like this.

2003-04-25 21:11:41 StandardManager[/listeners] processsExpire:  Exception
during session expiration
java.lang.IllegalStateException: getAttributeNames: Session already
invalidated
 at
org.apache.catalina.session.StandardSession.getAttributeNames(StandardSessio
n.java:974)
 at
net.onyourside.tomcat.listeners.MyHSBindingListener.valueUnbound(MyHSBinding
Listener.java:49)
 at
org.apache.catalina.session.StandardSession.removeAttribute(StandardSession.
java:1155)
 at
org.apache.catalina.session.StandardSession.expire(StandardSession.java:635)
 at
org.apache.catalina.session.StandardSession.expire(StandardSession.java:608)
 at
org.apache.catalina.session.StandardManager.processExpires(StandardManager.j
ava:793)
 at
org.apache.catalina.session.StandardManager.run(StandardManager.java:870)
 at java.lang.Thread.run(Thread.java:536)

Here's my simple listener class:

package net.onyourside.tomcat.listeners;

import java.util.Enumeration;

import javax.servlet.http.HttpSession;

import javax.servlet.http.HttpSessionBindingEvent;

import javax.servlet.http.HttpSessionBindingListener;

public class MyHSBindingListener implements HttpSessionBindingListener {

/**

*

*/

public MyHSBindingListener() {

super();

}

/* (non-Javadoc)

* @see
javax.servlet.http.HttpSessionBindingListener#valueBound(javax.servlet.http.
HttpSessionBindingEvent)

*/

public void valueBound(HttpSessionBindingEvent event) {

HttpSession session = event.getSession();

session.setAttribute("valueBound", "added in " + this.getClass().getName() +
"'s valueBound()");

System.out.println(this.getClass().getName() + "valueBound(): session
attributes: ");

for (Enumeration e = session.getAttributeNames(); e.hasMoreElements(); ) {

String name = (String) e.nextElement();

System.out.println(name + " <-> " + session.getAttribute(name));

}

}

/* (non-Javadoc)

* @see
javax.servlet.http.HttpSessionBindingListener#valueUnbound(javax.servlet.htt
p.HttpSessionBindingEvent)

*/

public void valueUnbound(HttpSessionBindingEvent event) {

HttpSession session = event.getSession();

System.out.println(this.getClass().getName() + "valueUnbound(): session
attributes: ");

for (Enumeration e = session.getAttributeNames(); e.hasMoreElements(); ) {

String name = (String) e.nextElement();

System.out.println(name + " <-> " + session.getAttribute(name));

}

}

}


----- Original Message -----
From: "Jon Wingfield" <jon.wingfield@mkodo.com>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Sent: Friday, April 25, 2003 3:30 AM
Subject: Re: Does HttpSessionBindingListener get called when session times
out (was: RE: Could this be a bug in tomcat)


> Objects that implement HttpSessionBindingListener have their
> valueBound() and valueUnbound() methods called when they are
> added/removed from sessions as attributes.
>
> ditto implementations of HttpSessionActivationListener.
>
> HttpSessionAttributeListeners defined in web.xml have their methods
> called when any object is added/removed/replaced in a session.
>
> When the session is invalidated these above three mechanisms are invoked
> (all attributes are removed from session). Once complete and the session
> is invalid the HttpSessionListeners are invoked.
>
> I believe Tomcat works as per spec. It is the reference implementation
> after all ;)
>
> We use a HttpSessionAttributeListener to save unfinished 'Work In
> Progress' items when a user logs out or times out. At this point we can
> also make a reasoned judgement of whether it is a logout or a timeout
> using getLastAccessedTime and getMaxInactiveInterval().
>
> The same persistance object also implements ServletContextListener and
> HttpSessionListener so that we also persist data if we have to bring
> Tomcat down for maintenance.
> In this case it is worth noting that if session persistance is on (as it
> is by default) the session won't get invalidated on shutdown. However,
> it may do so as soon as you bring Tomcat back up if the down time is
> long enough. It's a judgement call whether to persist on shutdown or
> invalidation.
>
> This combination works for us. HttpSessionActivationListener didn't
> quite fit the bill.
>
> HTH,
>
> Jon
>
> Michael Young wrote:
> > On an earlier point of the exact sequence of events, I'm getting more
> > and more confused on Tomcat's behavior and my understanding and
> > experiences of Servlet API through working with some other containers.
> >
> > What I am trying to do is: to do clean up when a user's session has been
> > invalidated due to either timeout or manual logout.  I used to just use
> > an HttpSessionListener's sessionDestroyed() to do clean up, but Tomcat
4.1.24
> > doesn't work this way, as was explained to me.
> >
> > Now I just tried the HttpSessionBindingListener's valueUnbound(), but
> > it seems that Tomcat is not calling my valueUnbound() method when the
> > session times out.  This is in contrast to my understanding of Servlet
API
> > though.  I thought when a session times out and is invalidated, all
> > attributes have to be removed first so all HttpSessionBindingListeners
> > get notified.
> >
> > I can't use session activation events because these events do not
necessarily
> > mean that the session has timed out, only that the session is being
> > persisted or serialized.  The session could still be active, and
> > users can still come back using the same session.
> >
> > So the 6 million dollar question is:
> >
> > In Tomcat 4.1.24, how can I get notified with full access to session
> > object when a session times out?
> >
> > Thanks!  /M.
> >
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message