DO NOT REPLY [Bug 16589] New: - Invalidating a session with a HttpSessionBindingListener object type attribute throws IllegalStateException

[bu...@apache.org]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16589>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16589

Invalidating a session with a HttpSessionBindingListener object type attribute throws IllegalStateException

           Summary: Invalidating a session with a HttpSessionBindingListener
                    object type attribute throws IllegalStateException
           Product: Tomcat 4
           Version: 4.1.18
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Major
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: it@mighty.co.za


We have an application where users authenticate to login. Upon login we add an 
object implementing HttpSessionBindingListener to the session. When user 
explicitly logs out, we first remove object from session and then invalidate 
session. If we only invalidate session without first removing object from 
session, IllegalStateException is thrown. Also, when session times out, 
valueUnbound throws IllegalStateException trying to get handle on session:

public void valueUnbound(HttpSessionBindingEvent event) {
     HttpSession session = event.getSession();
     Object o = session.getAttribute(et...
}

Error : 

java.lang.IllegalStateException: getAttribute: Session already invalidated
    at org.apache.catalina.session.StandardSession.getAttribute
(StandardSession.java:942)

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org