On Fri, 13 Dec 2002, Jeff Wishnie wrote:
Date: Fri, 13 Dec 2002 17:35:18 -0800
From: Jeff Wishnie [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: HttpSessionListern BUG in 4.1.12 ! ?!
It appears the session object
It appears the session object in the SessionEvent passed into
HttpSessionListener.sessionCreated and
HttpSessionListener.sessionDestroyed is the session _facade_
org.apache.catalina.session.StandardSessionFacade
But the one passed into HttpSessionAttributeListener is the actual session object
Jeff,
Just out of curiousity, where in the Servlet specification does it imply
that you can compare such objects for identity as opposed to using the
session id? As developers make more use of proxies, object identity becomes
a pretty weak assumption unless guaranteed by contract.
---