|
Hi,
I am trying to build a login servlet. The code of the most simple version of the servlet which reproduces the problem is attached at the end of this mail along with the exception. The password field is not required as for now. This piece of code works fine on tomcat 3.1.1 but fails on tomcat 3.2.1 To reproduce the error, 1. start tomcat 3.2.1 afresh. 2. Login from a browser. 3. Open another browser (not a new instance of the same browser) on the same machine or another machine. 4. Login with the same username. A little explanation of what my code is doing. Any request for login can be one of these three types 1. A request which is related to no session. 2. A request for login when a session exists on the same browser. 3. A request for login when the user is already logged on (from the same or different machine) so the servlet does the following 1.it invalidates any existing session on this request. 2.it checks the context to find if the present user has any associated session and if it is there tries to invalidate it. (This is where I get the exception, given below). 3. creates a new session. 4. puts the new session into the context with the user id. Can someone tell me what is wrong with my philosophy? Is there a better way to do this? (I do trap the session invalidation event and remove the session referance from context but is omitted here). Do I always get the same session object when I ask for the same session object, or get an equivalent object (with the same state). I think the specs are silent on this. It seems that tomcat 3.2 is reusing the objects and hence I am facing this problem. How do I solve the double login problem if I can not store the referace of the session in the context? Any help would be greatly appreciated. I am not on this mailing list. Please send a CC to me at [EMAIL PROTECTED] when replying to
this mail
Regds, Gokul ========= 8<==== SERVLET CODE ========= 8< ======= import javax.servlet.*; import javax.servlet.http.*; import java.io.*; public class TestSessionBehaviour extends HttpServlet { private static String STR="LOGIN.SESSION.USER."; public void doGet(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException { res.setContentType("text/html"); PrintWriter out = res.getWriter(); sendLoginPage(out); out.close(); } public void doPost(HttpServletRequest req, HttpServletResponse res) throws IOException { String name = req.getParameter("id"); HttpSession objSession = req.getSession(false); // if the present request has a session invalidate it. if(objSession != null) objSession.invalidate(); // if this user has a valid session, invalidate it. objSession = (HttpSession)getServletContext().getAttribute(STR+name); if (objSession != null) { System.out.println("The session from context retrieved"); try { objSession.invalidate(); }catch(IllegalStateException ex) { } } // create new session objSession = req.getSession(true); // store in the context the username and session. getServletContext().setAttribute(STR+name,objSession); // send reciept html res.setContentType("text/html"); PrintWriter out = res.getWriter(); sendReceipt(out); out.close(); } private void sendReceipt(PrintWriter out) { out.println("<html><title>Receipt</title><body>The login is recorded</body></html>"); } private void sendLoginPage(PrintWriter out) { out.println("<html><title>Test Login</title><body>Please login <br><form method=post> <table><tr>"); out.println("<td>Name </td><td><input type=text name=id> </td></tr>"); out.println("<tr><td>Password</td><td><input type=text name=pass></td></tr>"); out.println("<tr><td><input type=reset value=reset></td><td><input type=submit value=login></td></table>"); out.println("</form></body></html>"); } } ========= 8<===== EXCEPTION THROWN==== 8< ===== Internal Servlet Error: java.lang.NullPointerException at org.apache.tomcat.facade.HttpSessionFacade.invalidate(HttpSessionFacade.java :136) at TestSessionBehaviour.doPost(TestSessionBehaviour.java:33) at javax.servlet.http.HttpServlet.service(HttpServlet.java:760) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:404) at org.apache.tomcat.core.Handler.service(Handler.java:286) at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:79 7) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:743) at org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC onnectionHandler.java:210) at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416) at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498) at java.lang.Thread.run(Thread.java:484) ========= 8<============= 8< ============= |
