You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by David Molloy <mo...@eeng.dcu.ie> on 2000/11/21 10:32:05 UTC

Sessions and Class Reloading

Hi,

In short: What happens to session variables when you cause class
reloading in a webapp?

In full: I'm currently writing a system where the user must always
stay logged in.  When the user logs in it checks the database, pulls
that users info and creates a 'User' for that person.  This User class
is placed in the session:
	HttpSession session = req.getSession(true);			
	session.putValue("theUser", user);

Whenever a user tries to access a new servlet it checks first whether
that user is logged on and secondly whether they have authorization
for the servlet.  This used to work on JServ for me - when you reloaded
a zone the session variables get invalidated and when you do the 
req.getSession(true) it simply loaded a new session and the person logged
in again - fine.   

What seems to be happening now is that the session is hanging around
but is 'corrupt' - when I modify a class and don't restart tomcat a
problem occurs when you try this:
	
	HttpSession session = req.getSession(true);
	user = (User) session.getValue("theUser");

What occurs now is that you get a ClassCastException on the second line
here, even though it is correct.  

The only way around this is to restart the tomcat server every time I 
make a change to the webapp. Does anyone know if this is a bug, whether
there is a way around it or exactly what goes on?  Any help would
be great.

Dave Molloy

PS: Using Tomcat 3.1 Release on Solaris 2.7 standalone.