tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Barkan <>
Subject NullPointerException during HttpServletRequest.getSession
Date Tue, 30 Sep 2003 18:51:10 GMT
New to tomcat and Servlet code, and for that matter posting on this forum 
so please bear with me.... ;-)

The symptom is a NullPointerException when I call getSession() on an 
HttpServletRequest object.  The HttpServletRequest object had previously 
been saved as an attribute of the Session that it contained.

I've tried to excise the code as much as possible, and in doing so omitted 
mention of the original HttpServlet subclass (SiteServlet in the stack 
trace) that created the original request.  Let me know if it would be 
helpful to include that.  Note that getSession() did not throw an 
exception until after the HttpServletRequest object was stored (while 
authentication took place) and later retrieved.

I tried looking at the CoyoteRequestFacade code but the directory 
containing it in the public download site was empty!  That was the code 
that threw the actual exception so I'm sure it could give some insight.

Here is the stack trace (truncated for your viewing pleasure:)


Here are the classes in question; again I've tried to only include the 
original code:

 * Receives the HttpServletRequest, stores it in the original session,
 * creates HTML to allow user to login, retrieves the login information
 * via a separate HttpServletRequest.  If authentication worked, calls
 * invokeOriginalRequest using the original HttpServletRequest and the
 * original handler who made the request (in this case, the AnnotPage 
public class PasswordPage extends PageGeneratorA implements AuthenticatorI 

    public void authenticateUser(PrintWriter pw, HttpServletRequest 
orig_request,  HttpServletResponse rp, PageGeneratorI orig_handler){ 
	// Save original request information
	HttpSession session = orig_request.getSession(true);
	session.setAttribute(request_key, orig_request);
	session.setAttribute(handler_key, orig_handler);
	generateLoginForm(pw, session);
//note that nothing is done with the original session from the original
//request. I'm not sure if the session is saved somewhere else or not.  
//(I'm assuming it is, but I'm not very clear on how Sessions are passed 
//around.  The reason for my assumption is that the session is where the 
//original HttpServletRequest is stored.)

    public void generateLoginForm(PrintWriter pw, HttpSession session) {
	QueryUtils.generateInputDialogPage(this, pw, style, pagetitle, 
					   login_dialog, true);
     * The generatePage method handles requests generated by the
     * login form. 
    public void generatePage(PrintWriter pw, HttpServletRequest rq, 
			HttpServletResponse rp) {
	if (rq.getParameter("login") != null) {

	    String username = rq.getParameter("username");
	    String password = rq.getParameter("password");
	    HttpSession session = rq.getSession(false);

	    if (allowAccess(username, password)) { //essentially reads 
from file
		// Store name of authenticated user in the current session
		session.setAttribute(user_key, username);
		session.setAttribute(time_key, new Date());
		// Allow request to continue
		invokeOriginalRequest(pw, session, rp);

//the original HttpServletRequest is retrieved here.  It is retrieved 
//from the session contained in the other HttpServletRequest that is sent 
//when the user types in the password and clicks 'submit.'
//I thought this might lead to a problem since I wasn't sure that that 
//session was the same in which we stored the original HttpServletRequest 
//(indeed they have different memory locations.)  However,
//the original HttpServletRequest *was* found in this session (at 
//least, it has the same memory location as the one we stored.)  However, 
//when 'getSession' is called on this retrieved HttpServletRequest,
 //a NullPointerException is thrown (see
   protected void invokeOriginalRequest(PrintWriter pw, HttpSession 
session, HttpServletResponse rp) {

	HttpServletRequest original_request = 

	PageGeneratorI original_handler = 
	original_handler.generatePage(pw, original_request, rp);  //calls
} // PasswordPage

 * This is the client class and the homepage of the Servlet.
 * The 'generatePage' method in this class is called from the PasswordPage,
 * in "invokeOriginalRequest."  The original HttpServletRequest is passed in
 * to 'generatePage.'  However, when an attempt is made to retrieve the 
 * session from the HttpServletRequest, a NullPointerException is thrown.

public class AnnotPage extends PageGeneratorA {

    //i.e. original request
    public void generatePage(PrintWriter pw, HttpServletRequest rq, 
HttpServletResponse rp) {
	HttpSession session = null;
	//NOTE: NullPointerException thrown when attempting to execute the 
following line:
	session = rq.getSession(false);
	//if exception not thrown, method would be retrieved and normal 
processing would continue.

View raw message