Once a session has been invalidated which HTTPSession methods can be called on that session without throwing an IllegalStateException? a) Invalidate b) getAttribute c) setAttribute d) getServletContext e) getAttributeNames
The answer given is D.My doubt is that if a session is invalidated means the session will no longer exist.Then howcome can we call getServletContext on the same session object.Can somebody help with this.
Though have not tried this practically, but here is what I interpreted/assumed:
A session is used to hold some data, at least one is always there by default, named 'id', so it exposes getId() method. The other data you can store youself called attributes, you can store any data you want taht should belong to current user's session.
Now, when a session is invalidated, either automatically by timing out, or programmatically with invalidate() method, in either case all the data it holds become inaccessible, But the context is still valid because context is not user specific.
I always wondered why session gives context in first place. The above question is a consequence of such redundant API. Context is such an redundant thing, you can get it from servlet itself, or from config, or from session!
Hope this post helped. [ July 08, 2005: Message edited by: Anand Wadhwani ]
SCWCD 1.4<br />---------------------<br />Ability is what you're capable of. <br />Motivation determines what you do. <br />Attitude determines how well you do it.<br />---------------------
Joined: Mar 09, 2005
Thanks for the reply.I think i got u.According to my understanding we can only access servletcontext even after the session is invalidated.Not servlet config or anything.If this is wrong correct me.
You can access the session ID using getId() on invalidated session. The methods specified to throw IllegalStateException only give the Exception. Otherwise the session object is still valid. This is my understanding.
I just tried accessing ServletContext and ServletConfig objects after invalidating session. Infact they were accessible and i was able to retrieve the parameters in config and context objects.
Incidentally methods such as session.getMaxInactiveInterval()and session.getId() work fine. However as per API's the latter method should throwIllegalStateException - if this method is called on an invalidated session. What actually is happening here ? (The session does get invalidated - as i find calls to sessionDestroyed and valueUnbound methods being made.)
Still there is confusion. I tested that the setAttribute and getAttribute methods on the invalidate session throw illegalStateException but getId not. Also there are few lines from spec.
The session invalidation will not take effect until all Servlets using that session have exited the service method.Once the session invalidation is initialized, a new request must not be able to see that session.
So why for some methods it throws IllegalException, considering the session is not invalidated for current request?