I have an issue with JServ's current implementation (1.0b3) of the
HttpSession.invalidate() method. I believe what I found is a bug, but that
is debatable. I'd appreciate any comments or pointers to where this has
been discussed previously.
Here's the situation:
I am piggy-backing on top of JServ's session management thread in order to
clean up an application-specific state table. Specifically, I am using the
HttpSessionBindingListener interface to get a callback when I bind or unbind
an object to a session. If you're not familiar with this interface, it
contains the following two methods:
public void valueBound(HttpSessionBindingEvent event);
public void valueUnbound(HttpSessionBindingEvent event);
The HttpSessionBindingEvent class (the parameter to both calls) has a method
with the following signature:
public HttpSession getSession();
This method returns the session that the object is being bound to (in the
case of valueBound()) or is being unbound from (in the case of
valueUnbound()).
My first design/implementation of valueUnbound() required that I grab the
session from the event and then call the getId() method on the HttpSession
object. This is where the trouble started.
When a session is invalidated in JServ, the "valid" flag within the
HttpSession object is immediately set to false. After that, all
HttpSessionBindingListener objects that were bound to the session have their
valueUnbound(event) method called. Because the session was first
invalidated (by setting the valid flag to false), any method calls on the
session will throw an IllegalStateException. Since my valueUnbound() method
did make a call on the session (i.e., getId()), the exception was thrown.
This seems wrong to me. The invalidate() method should call all the
valueUnbound() methods first and then set the valid flag to false. The way
it is now, there is no reason to pass the session in as part of the event
because you cannot query the session for any useful information (all methods
except isValid() will throw an IllegalStateException).
The JServ implementation of HttpSession may be found here (my email client
will split the URL). Take a look at the invalidate() method:
http://www.working-dogs.com/cvsweb/index.cgi/~checkout~/jserv/src/java/org/a
pache/jserv/JServSession.java?rev=1.5&content-type=text/plain
Is the current implementation of HttpSession.invalidate() correct or is my
suggested alteration correct? I was able to get around the issue with some
refactoring, but the resulting code was not as elegant.
Thanks,
Brett Peterson
[EMAIL PROTECTED]
----------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html/>
Problems?: [EMAIL PROTECTED]
