This week's book giveaway is in the Jobs Discussion forum.
We're giving away four copies of Java Interview Guide and have Anthony DePalma on-line!
See this thread for details.
The moose likes Servlets and the fly likes java.lang.IllegalStateException: HttpSession is invalid Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "java.lang.IllegalStateException: HttpSession is invalid" Watch "java.lang.IllegalStateException: HttpSession is invalid" New topic

java.lang.IllegalStateException: HttpSession is invalid

Naresh Shanmugam
Ranch Hand

Joined: Jul 16, 2010
Posts: 86
We get this exception very frequently, it says something like "HttpSession is invalid" and then "ReplicatedSessionData.setAttribute", does anybody have any idea on this?. What i understood is if we try to get/set from the session after invalidating it, we would get "HttpSession is invalid", but in our current flow we didnt invalidate the session at all. Is it something to do with "Weblogic" (ReplicatedSessionData) or cluster?? Please advice

Vanessa Danin
Ranch Hand

Joined: Oct 04, 2004
Posts: 34
Naresh, I use Tomcat (not Weblogic) as my application server. However, just to rule out the obvious, could this session have expired in accordance with your config. Since you say that you have not invalidated the session anywhere in your application code, is it possible that your session timeout value in your web.xml or weblogic.xml file is set too low?
William Brogden
Author and all-around good cowpoke

Joined: Mar 22, 2000
Posts: 13037
Are you hanging on to a session reference between request-response cycles? Thats a no-no, the container is responsible for managing the session, you should get a fresh reference with each request.

Naresh Shanmugam
Ranch Hand

Joined: Jul 16, 2010
Posts: 86
Thanks for your reply Vanessa and Bill, We finally found the root cause of this issue, it is because the user does a double click on a link within a nano seconds(duplicate click), so the application receieves couple of requests, where the first request ends up with the exception due to the business requirement and it invalidates the session, and the second request(which is nothing but a duplicate submit by the user) is trying to access the same session which was invalidated, thats the reason for this exception. I am posting this because it might be useful for someone else,, thank you..
I agree. Here's the link:
subject: java.lang.IllegalStateException: HttpSession is invalid
It's not a secret anymore!