tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: Does HttpSessionBindingListener get called when session times out (was: RE: Could this be a bug in tomcat)
Date Sun, 27 Apr 2003 06:50:23 GMT
valueUnbound is called after the session has been invalidated, so it is
illegal to call getAttribute from this method.

"Michael Young" <javaone@onyourside.net> wrote in message
news:000901c30baa$8db82fb0$4001a8c0@wonder...
> OK, let me ask this:
>
> Is HttpSessionBindingListener.valueUnbound() called just before the
session
> is going to be invalidated?
>
> That is, inside valueUnbound() method, is it legal to call
> session.getAttribute() method to get hold of any attributes?
>
> I just tested this, but I still get the following Tomcat exception.  As
far
> as I can tell, Tomcat didn't use to behave like this.
>
> 2003-04-25 21:11:41 StandardManager[/listeners] processsExpire:  Exception
> during session expiration
> java.lang.IllegalStateException: getAttributeNames: Session already
> invalidated
>  at
>
org.apache.catalina.session.StandardSession.getAttributeNames(StandardSessio
> n.java:974)
>  at
>
net.onyourside.tomcat.listeners.MyHSBindingListener.valueUnbound(MyHSBinding
> Listener.java:49)
>  at
>
org.apache.catalina.session.StandardSession.removeAttribute(StandardSession.
> java:1155)
>  at
>
org.apache.catalina.session.StandardSession.expire(StandardSession.java:635)
>  at
>
org.apache.catalina.session.StandardSession.expire(StandardSession.java:608)
>  at
>
org.apache.catalina.session.StandardManager.processExpires(StandardManager.j
> ava:793)
>  at
> org.apache.catalina.session.StandardManager.run(StandardManager.java:870)
>  at java.lang.Thread.run(Thread.java:536)
>
> Here's my simple listener class:
>
> package net.onyourside.tomcat.listeners;
>
> import java.util.Enumeration;
>
> import javax.servlet.http.HttpSession;
>
> import javax.servlet.http.HttpSessionBindingEvent;
>
> import javax.servlet.http.HttpSessionBindingListener;
>
> public class MyHSBindingListener implements HttpSessionBindingListener {
>
> /**
>
> *
>
> */
>
> public MyHSBindingListener() {
>
> super();
>
> }
>
> /* (non-Javadoc)
>
> * @see
>
javax.servlet.http.HttpSessionBindingListener#valueBound(javax.servlet.http.
> HttpSessionBindingEvent)
>
> */
>
> public void valueBound(HttpSessionBindingEvent event) {
>
> HttpSession session = event.getSession();
>
> session.setAttribute("valueBound", "added in " + this.getClass().getName()
+
> "'s valueBound()");
>
> System.out.println(this.getClass().getName() + "valueBound(): session
> attributes: ");
>
> for (Enumeration e = session.getAttributeNames(); e.hasMoreElements(); ) {
>
> String name = (String) e.nextElement();
>
> System.out.println(name + " <-> " + session.getAttribute(name));
>
> }
>
> }
>
> /* (non-Javadoc)
>
> * @see
>
javax.servlet.http.HttpSessionBindingListener#valueUnbound(javax.servlet.htt
> p.HttpSessionBindingEvent)
>
> */
>
> public void valueUnbound(HttpSessionBindingEvent event) {
>
> HttpSession session = event.getSession();
>
> System.out.println(this.getClass().getName() + "valueUnbound(): session
> attributes: ");
>
> for (Enumeration e = session.getAttributeNames(); e.hasMoreElements(); ) {
>
> String name = (String) e.nextElement();
>
> System.out.println(name + " <-> " + session.getAttribute(name));
>
> }
>
> }
>
> }
>
>
> ----- Original Message -----
> From: "Jon Wingfield" <jon.wingfield@mkodo.com>
> To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
> Sent: Friday, April 25, 2003 3:30 AM
> Subject: Re: Does HttpSessionBindingListener get called when session times
> out (was: RE: Could this be a bug in tomcat)
>
>
> > Objects that implement HttpSessionBindingListener have their
> > valueBound() and valueUnbound() methods called when they are
> > added/removed from sessions as attributes.
> >
> > ditto implementations of HttpSessionActivationListener.
> >
> > HttpSessionAttributeListeners defined in web.xml have their methods
> > called when any object is added/removed/replaced in a session.
> >
> > When the session is invalidated these above three mechanisms are invoked
> > (all attributes are removed from session). Once complete and the session
> > is invalid the HttpSessionListeners are invoked.
> >
> > I believe Tomcat works as per spec. It is the reference implementation
> > after all ;)
> >
> > We use a HttpSessionAttributeListener to save unfinished 'Work In
> > Progress' items when a user logs out or times out. At this point we can
> > also make a reasoned judgement of whether it is a logout or a timeout
> > using getLastAccessedTime and getMaxInactiveInterval().
> >
> > The same persistance object also implements ServletContextListener and
> > HttpSessionListener so that we also persist data if we have to bring
> > Tomcat down for maintenance.
> > In this case it is worth noting that if session persistance is on (as it
> > is by default) the session won't get invalidated on shutdown. However,
> > it may do so as soon as you bring Tomcat back up if the down time is
> > long enough. It's a judgement call whether to persist on shutdown or
> > invalidation.
> >
> > This combination works for us. HttpSessionActivationListener didn't
> > quite fit the bill.
> >
> > HTH,
> >
> > Jon
> >
> > Michael Young wrote:
> > > On an earlier point of the exact sequence of events, I'm getting more
> > > and more confused on Tomcat's behavior and my understanding and
> > > experiences of Servlet API through working with some other containers.
> > >
> > > What I am trying to do is: to do clean up when a user's session has
been
> > > invalidated due to either timeout or manual logout.  I used to just
use
> > > an HttpSessionListener's sessionDestroyed() to do clean up, but Tomcat
> 4.1.24
> > > doesn't work this way, as was explained to me.
> > >
> > > Now I just tried the HttpSessionBindingListener's valueUnbound(), but
> > > it seems that Tomcat is not calling my valueUnbound() method when the
> > > session times out.  This is in contrast to my understanding of Servlet
> API
> > > though.  I thought when a session times out and is invalidated, all
> > > attributes have to be removed first so all HttpSessionBindingListeners
> > > get notified.
> > >
> > > I can't use session activation events because these events do not
> necessarily
> > > mean that the session has timed out, only that the session is being
> > > persisted or serialized.  The session could still be active, and
> > > users can still come back using the same session.
> > >
> > > So the 6 million dollar question is:
> > >
> > > In Tomcat 4.1.24, how can I get notified with full access to session
> > > object when a session times out?
> > >
> > > Thanks!  /M.
> > >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message