You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@turbine.apache.org by David Vandegrift <dv...@bluearc.com> on 2002/04/19 02:52:58 UTC

Added try/catch to Turbine.java. Problem?

To get HttpSession.invalidate() to work, I modified my Turbine.java by
adding the following try/catch block around data.getSession().removeValue()
in the doGet() method.

Does anyone see any potential problems with doing this?
It seems harmless to me.

Without this one cannot invalidate an HttpSession which is important when
using Container Managed security  (logging out for example).

Thanks,
  David


--------cut from doGet() ------------------

// If a module has set data.acl = null, remove acl from
 // the session.
if ( data.getACL() == null )
{
    try     <--- new try/catch block
    {
        data.getSession().removeValue(
                        AccessControlList.SESSION_KEY);
    }
    catch (IllegalStateException e) { }  // do nothing, it's gone
}


*********************************************************************
This e-mail and any attachment is confidential. It may only be read, copied and used by the intended recipient(s). If you are not the intended recipient(s), you may not copy, use, distribute, forward, store or disclose this e-mail or any attachment. If you are not the intended recipient(s) or have otherwise received this e-mail in error, you should destroy it and any attachment and notify the sender by reply e-mail or send a message to sysadmin@bluearc.com
*********************************************************************


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Added try/catch to Turbine.java. Problem?

Posted by Daniel Rall <dl...@finemaltcoding.com>.

David Vandegrift <dv...@bluearc.com> writes:

> To get HttpSession.invalidate() to work, I modified my Turbine.java by
> adding the following try/catch block around data.getSession().removeValue()
> in the doGet() method.
>
> Does anyone see any potential problems with doing this?
> It seems harmless to me.
>
> Without this one cannot invalidate an HttpSession which is important when
> using Container Managed security  (logging out for example).
>
> Thanks,
>   David
>
>
> --------cut from doGet() ------------------
>
> // If a module has set data.acl = null, remove acl from
>  // the session.
> if ( data.getACL() == null )
> {
>     try     <--- new try/catch block
>     {
>         data.getSession().removeValue(
>                         AccessControlList.SESSION_KEY);
>     }
>     catch (IllegalStateException e) { }  // do nothing, it's gone
> }

Huh.  What container are you using?

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>