On 16/11/2010 21:15, Christopher Schultz wrote: > 2. There is no way for a client to check the validity of an HttpSession > object before calling getAttribute (or setAttribute for that matter) > > The HttpSession interface javadoc says "For session that are invalidated > or expire, notifications are sent after the session has been invalidated > or expired." which means that, at least, the state above is correct.
The class is calling: StandardSessionFacade.getAttributeNames. Shouldn't we see the HttpSession class in the stacktrace, not the implementation, if that's what they're calling? Makes me think the OP is interacting with Tomcat internal classes. p
0x62590808.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature