I don't understand why would you have to get rid of the cookie itself? The
session is marked as invalidated on server. The cookie only holds the id of
the session. If you go back to the servlet, the servlet engine will not get
confused by the existing cookie with ID because it knows that this session is
invalid.
d.
George Pearson wrote:
> Am I the only one that thinks that the servlet spec should have
> provision for expiring the session cookie (if used) when a session is
> invalidated (with session.invalidate())?
>
> Coding the session cookie expiration oneself violates the principle of
> information hiding with respect to how sessions are actually implemented.
> Expiring the session cookie at the same time as session invalidation also
> preserves consistency of session state between the client and server.
> This is useful in determining whether a session has been unexpectedly
> lost.
>
> Seems to me like a good candidate for addition to the spec. Or is
> there something I'm missing?
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
--
David Mossakowski [EMAIL PROTECTED]
Programmer 212.310.7275
Instinet Corporation
"I don't sit idly by, I'm planning a big surprise"
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
