I am trying to implement the HttpSessionListener (the same class implements ServletContextListener). The code for which is below.
1. I open a browser window , use MyWebApp after logging in it.
2. I open the tomcat manager and reload my MyWebApp. I go to the console at this point and see the message - "Session is already invalid." (see code below)
3. I go to my window in step 1. and click on a link to go to a particular .jsp page. I get a blank window. I check the session attributes at this point and my session attribute USER_AUTHORIZED exists and is true.
step 2 s result conflicts with step 3s result. (see code below). Invalidating the session does not propagate to the client ??????? What am i doing wrong ?
public void contextDestroyed(ServletContextEvent sce)
{
// Destroy sessions.
if(sessions != null)
{
Iterator i = sessions.iterator();
while (i.hasNext())
{
HttpSession s = (HttpSession)i.next();
try
{
if(s != null && s.getAttribute("USER_AUTHORISED") != null)
{
System.out.println("Invalidating session id = " + s.getId());
s.invalidate();
}
}
catch(IllegalStateException ex)
{
System.out.println("Session is already invalid.");
}
}
}
// End Destroy sessions.
}
public void sessionCreated(HttpSessionEvent event)
{
if(sessions == null)
sessions = new HashSet();
sessions.add(event.getSession());
}
public void sessionDestroyed(HttpSessionEvent event)
{
if(sessions != null)
{
sessions.remove(event.getSession());
}
}
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
