Hi,
I am trying to build a login servlet.
The code of the most simple version of the servlet which reproduces the
problem is attached at the end of this mail along with the exception.
The password field is not required as for now.
This piece of code works fine on tomcat 3.1.1 but fails on tomcat 3.2.1
To reproduce the error,
1. start tomcat 3.2.1 afresh.
2. Login from a browser.
3. Open another browser (not a new instance of the same browser) on the same
machine or another machine.
4. Login with the same username.
A little explanation of what my code is doing.
Any request for login can be one of these three types
1. A request which is related to no session.
2. A request for login when a session exists on the same browser.
3. A request for login when the user is already logged on (from the same or
different machine)
so the servlet does the following
1.it invalidates any existing session on this request.
2.it checks the context to find if the present user has any associated
session and if it is there tries to invalidate it. (This is where I get the
exception, given below).
3. creates a new session.
4. puts the new session into the context with the user id.
Can someone tell me what is wrong with my philosophy?
Is there a better way to do this? (I do trap the session invalidation event
and remove the session referance from context but is omitted here).
Do I always get the same session object when I ask for the same session
object, or get an equivalent object (with the same state). I think the specs
are silent on this. It seems that tomcat 3.2 is reusing the objects and
hence I am facing this problem.
How do I solve the double login problem if I can not store the referace of
the session in the context?
Any help would be greatly appreciated.
Regds,
Gokul
========= 8<==== SERVLET CODE ========= 8< =======
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
public class TestSessionBehaviour
extends HttpServlet
{
private static String STR="LOGIN.SESSION.USER.";
public void doGet(HttpServletRequest req, HttpServletResponse res)
throws IOException, ServletException
{
res.setContentType("text/html");
PrintWriter out = res.getWriter();
sendLoginPage(out);
out.close();
}
public void doPost(HttpServletRequest req, HttpServletResponse res)
throws IOException
{
String name = req.getParameter("id");
HttpSession objSession = req.getSession(false);
// if the present request has a session invalidate it.
if(objSession != null)
objSession.invalidate();
// if this user has a valid session, invalidate it.
objSession = (HttpSession)getServletContext().getAttribute(STR+name);
if (objSession != null)
{
System.out.println("The session from context retrieved");
try
{
objSession.invalidate();
}catch(IllegalStateException ex)
{ }
}
// create new session
objSession = req.getSession(true);
// store in the context the username and session.
getServletContext().setAttribute(STR+name,objSession);
// send reciept html
res.setContentType("text/html");
PrintWriter out = res.getWriter();
sendReceipt(out);
out.close();
}
private void sendReceipt(PrintWriter out)
{
out.println("<html><title>Receipt</title><body>The login is
recorded</body></html>");
}
private void sendLoginPage(PrintWriter out)
{
out.println("<html><title>Test Login</title><body>Please login <br><form
method=post> <table><tr>");
out.println("<td>Name </td><td><input type=text name=id> </td></tr>");
out.println("<tr><td>Password</td><td><input type=text
name=pass></td></tr>");
out.println("<tr><td><input type=reset value=reset></td><td><input
type=submit value=login></td></table>");
out.println("</form></body></html>");
}
}
========= 8<===== EXCEPTION THROWN==== 8< =====
Internal Servlet Error:
java.lang.NullPointerException
at
org.apache.tomcat.facade.HttpSessionFacade.invalidate(HttpSessionFacade.java
:136)
at TestSessionBehaviour.doPost(TestSessionBehaviour.java:33)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:404)
at org.apache.tomcat.core.Handler.service(Handler.java:286)
at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
at
org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:79
7)
at org.apache.tomcat.core.ContextManager.service(ContextManager.java:743)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
onnectionHandler.java:210)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
at java.lang.Thread.run(Thread.java:484)
========= 8<============= 8< =============
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
