• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Session Invalidation

 
Krishna, Alle
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
I wanted to know when a session is invalidated with a HttpSession.invalidate() call, is the session object destroyed or are all the objects associated with the session are destroyed?
Snippet of the code I have in a JSP,
String inv = request.getParameter("action");
if(inv != null && inv.equals("invalidate")) {
session = request.getSession(true);
session.invalidate();
}
System.out.println("SESS = " + session);
String sessionAttr1 = (String)session.getAttribute("uid");
I get an IllegalStateException when the getAttibute method in the above piece of code is executed. But, I can see the print statement SESS shows a session.
FYI: I am using Orion Application Server, ver 1.5.2
Can someone let me know the answer. I appreciate the response in advance. Let me know if the question is ambiguous.
Thanks.
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13058
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I believe it works this way. When you call session.invalidate, the system detaches all items attached to the session object and marks it as an invalid session. Subsequently all session method calls then throw that exception. The servlet engine can't null out all references to the session until after the current request/response cycle is finished so the object is still there.
Bill
 
Krishna, Alle
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Bill,
Thank you for the information. So is this some kind of limitation the Session Management API.
Once again, Thanks
Vasanth
 
Maulin Vasavada
Ranch Hand
Posts: 1873
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi Krishna
to be on safe side i'd have written,

regards
maulin
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic