Take a look in this question that I got from a web site:
Which of the following statements best describes the code?
A) A compilation error will occur as the HttpSessionListener class is not properly implemented B) No errors or exceptions will occur as the code is written correctly C) An IllegalStateException will be thrown when the code is executed D) None of the above
The answer is "C" in the web site, when the session.getAttribute("username") method is called, because the session has been invalidated.
But, if we look at Servlet Spec 2.4 (pg. 22), it says that the HttpSessionListener.sessionDestroyed() method notifies when a session is about to be invalidate. So, the correct answer is "B".
I've implemented the code above and it compiles and runs without problem.
Wai Yip Lau
Joined: Jun 20, 2005
The question may be a bit old. According to the servlet 2.4 spec(p.283), the behavoir of sessionDestroyed is changed to notify before the session is invalidated since version 2.3.
Joined: May 12, 2004
I guess it is correct for them to change the behavior of the sessionDestroyed() method. One should have control over the session object before it goes out of scope.