You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/06/07 17:41:19 UTC

DO NOT REPLY [Bug 28709] - javax.servlet.http.HttpServletRequest.isRequestedSessionIdValid() returns true for an invalidated session!

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=28709>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28709

javax.servlet.http.HttpServletRequest.isRequestedSessionIdValid() returns true for an invalidated session!





------- Additional Comments From blumm@apache.org  2004-06-07 15:41 -------
The excerpts from the code base look fine for me too. What makes me wonder is
that if the test-web-application uses
"coServletContext.getNamedDispatcher(coServlet)"
instead of
"coServletContext.getRequestDispatcher(coServletPath)"
then everything works as expected. I think there must be a consistent behavior.
Did you run the test code that I have provided with the attachments? Is the bug
in test code?

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org