Hi,

I am trying to implement the HttpSessionListener (the same class
implements ServletContextListener). The code for which is below.

1. I open a browser window , use MyWebApp after logging in it.
2. I open the tomcat manager and reload my MyWebApp. I go to the
console at this point and see the message - "Session is already
invalid." (see code below)
3. I go to my window in step 1. and click on a link to go to a
particular .jsp page. I get a blank window. I check the session
attributes at this point and my session attribute USER_AUTHORIZED
exists and is true.

step 2 s result conflicts with step 3s result. (see code below).
Invalidating the session does not propagate to the client ??????? What
am i doing wrong ?

 public void contextDestroyed(ServletContextEvent sce)
 {
   // Destroy sessions.
   if(sessions != null)
   {
     Iterator i = sessions.iterator();
   
     while (i.hasNext())
     {
       HttpSession s = (HttpSession)i.next();
 
         try
         {
           if(s != null && s.getAttribute("USER_AUTHORISED") != null)
           {
             System.out.println("Invalidating session id = " +
s.getId());
             s.invalidate();
           }
         }
         catch(IllegalStateException ex)
         {
           System.out.println("Session is already invalid.");
         }
     }
   }
   // End Destroy sessions.
 }

 public void sessionCreated(HttpSessionEvent event)
 {
   if(sessions == null)
     sessions = new HashSet();
     
   sessions.add(event.getSession());
 }
 
 public void sessionDestroyed(HttpSessionEvent event)
 {
   if(sessions != null)
   {
     sessions.remove(event.getSession());
   }
 }




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)