Hi all,
Have an interesting issue here and just wondering if any of you have the same kind of
problem on other containers, or even whether you think this is working correctly. The
servlet spec (2.3) it seems does not cover this. We are running Jboss 2.4 with Jetty 4
I have an object that is placed in the HttpSession that implements
HttpSessionBindingListener. What I would like is when this object is being removed from
the session (which would only be by an explict logout or session timeout) then it goes
and
does some tidyup on the system - which includes calling remove() on some stateful EJBs
On an explicit logout everything works fine. However during the session timeout i get
authentication errors - the principle is null. I don't know if it the container is
designed to be either not 'logged in' or to be explicitly 'logged out' when the
session is
being emptied or whether this is an oversight.
Or do you think it should work like this? Or are other containers 'logged in' at this
point?
Cheers
Ian
