Nobody seemed to answer this one ...
To understand how it works we need to check the JSDK speck and possible
implemntation.
session.invalidate() merely marks the session to be deleted. Such a session
must throw IllegalStateException for some of its methods, but getId()
doens't belong to this group. Ithink it was designed that way on purpose -
so the programmers can check what session is being deleted from
valueUnbound() in their HttpSessionBindingListener implementations.
The actual session is usually deleted later, triggered by some sort of
asynchronous mechanism. The details behind are entirely up to the servlet
engine and should not concern you.
If you used getValue() or isNew() instead of getId() in your last loop you'd
get 'Session is dead' message since these methods are required to throe the
IllegalStateException after the session has been invalidated.
hope it helps
Jacek
> -----Original Message-----
> From: Fernando Saldanha [SMTP:[EMAIL PROTECTED]]
> Sent: Saturday, December 04, 1999 13:03
> To: [EMAIL PROTECTED]
> Subject: invalidate()
>
> I have been trying to kill a session, but it remains alive, a true
> Rasputin.
> The code is below. The output
>
> Killing session with ID: 944330779233294525
> Dead session id: 944330779233294525
>
> shows that the session has not died.
>
> Can anyone help?
>
> Thanks.
>
> public void doGet (HttpServletRequest req, HttpServletResponse res)
> throws ServletException, IOException
> {
> HttpSession session = req.getSession(true);
> String lgn = (String) session.getValue("username");
> String pwd = (String) session.getValue("password");
> ServletOutputStream out = res.getOutputStream();
>
> res.setContentType("text/html");
>
> String name = req.getRemoteUser();
>
>
> out.println("<HEAD><TITLE> KillSessionsServlet Output
> </TITLE></HEAD><BODY>");
> out.println("<h1> KillSessionsServlet Output </h1>");
>
> out.println("<p>Server user name: " + (name == null ? "Unknown"
> : name)
> + "</p>");
> out.println("<p>User name: " + lgn + "</p>");
> out.println("<p>Password: " + pwd + "</p>");
>
> Integer ival = (Integer)
> session.getValue("sessiontest.counter");
> if (ival==null) ival = new Integer(1);
> else ival = new Integer(ival.intValue() + 1);
> session.putValue("sessiontest.counter", ival);
> out.println("You have hit this page <b>" + ival + "</b>
> times.<p>");
> out.println("Click <a href=" +
> res.encodeUrl("/servlet/SessionServlet")
> + ">here</a>");
> out.println(" to ensure that session tracking is working even if
> cookies
> aren't supported.<br>");
> out.println(" Note that by default URL rewriting is not enabled
> due to
> its expensive");
> out.println(" overhead.");
> out.println("<p>");
> out.println("<h3>Request and Session Data:</h3>");
> out.println("Session ID in Request: " +
> req.getRequestedSessionId());
> out.println("<br>Session ID in Request from Cookie: " +
> req.isRequestedSessionIdFromCookie());
> out.println("<br>Session ID in Request from URL: " +
> req.isRequestedSessionIdFromUrl());
> out.println("<br>Valid Session ID: " +
> req.isRequestedSessionIdValid());
> out.println("<h3>Session Data:</h3>");
> out.println("New Session: " + session.isNew());
> out.println("<br>Session ID: " + session.getId());
> long crTime = session.getCreationTime();
> Date crDate = new Date(crTime);
> out.println("<br>Creation Time: " + crTime + " (" + crDate +
> ")" );
> long laTime = session.getLastAccessedTime();
> Date laDate = new Date(laTime);
> out.println("<br>Last Accessed Time: " + laTime + " (" +
> laDate + ")" );
> out.println("<h3>Session Context Data:</h3>");
> HttpSessionContext context = session.getSessionContext();
>
> for (Enumeration e = context.getIds(); e.hasMoreElements() ;) {
> String dyingSessionID = (String) e.nextElement();
> out.println("Killing session with ID: " + dyingSessionID
> + "<br>");
> HttpSession dyingSession =
> context.getSession(dyingSessionID);
> try {
> dyingSession.invalidate();
> } catch(IllegalStateException exc) {
> out.println("Could not kill<br>");}
> try {
> out.println("Dead session id: " +
> dyingSession.getId()); }
> catch(IllegalStateException exc) {
> out.println("Session is dead<br>"); }
> }
>
> out.println("</BODY>");
> out.close();
> }
>
> __________________________________________________________________________
> _
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
