DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=36994>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=36994 Summary: httpsession.getId() throws ISE after invalidation Product: Tomcat 5 Version: 5.0.12 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Catalina AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] After a http session is invalidated a call to getId() throws an IllegalStateException("already invalidated"). I think this doesn't conform to the servlet spec that doesn't say anything about an ISE in the api doc. All ISEs that can be thrown by the session-methods are explicit listed. Beside this it is very essential to have the sessionId at least during HttpSessionBindingListener.valueUnbound() if this method is called during the invalidation. The api doc of valueUnbound() says: "Notifies the object that it is being unbound from a session and identifies the session." The session is identified by its Id, but if the Id is not accessible anymore... The ISE was inserted in Version 5.5.10: excerpt from the changelog: "Re-add patch causing Session.getId to throw an ISE, and make all internal components use a safe getIdInternal" Thanks Lars -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]