DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=36994>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=36994 ------- Additional Comments From [EMAIL PROTECTED] 2005-10-11 17:15 ------- I agree with Lars. I use a Map (stored as an attribute of the ServletContext) to keep track of the active http sessions. Using Tomcat 5.5.9 I didn't have any problem logging-out, but with Tomcat 5.5.12 when I try to invalidate a session I get an ISE ("getId: Session already invalidated"). (In reply to comment #0) > After a http session is invalidated a call to getId() throws an > IllegalStateException("already invalidated"). > > I think this doesn't conform to the servlet spec that doesn't say anything > about > an ISE in the api doc. All ISEs that can be thrown by the session-methods are > explicit listed. > > Beside this it is very essential to have the sessionId at least during > HttpSessionBindingListener.valueUnbound() if this method is called during the > invalidation. > The api doc of valueUnbound() says: > "Notifies the object that it is being unbound from a session and identifies > the > session." > The session is identified by its Id, but if the Id is not accessible > anymore... > > The ISE was inserted in Version 5.5.10: excerpt from the changelog: > "Re-add patch causing Session.getId to throw an ISE, and make all internal > components use a safe getIdInternal" > > > Thanks > Lars -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]