Hi everybody: it's where I am now: Since I don't want to create a session for non-authenticated user, I made a small change to my login jsp: <%@ page session="false">
This is strange but it looks like I have this problem only when I access my web application through the proxy server. Here the steps how I reproduce my problem: 1. Invoke servlet A (any serlvet in my web application, but login) using browser: http://host/appName/servletA The following code returns null as expected. HttpSession ses = req.getSession(false); 2. Login into application: new session get created by login servlet and user's token stored in session. (expected) 3. I can access any servlets and it shows right session id, BUT when I access servlet A session object is null. now the crazy part: if I don't access "servlet A"( used in step 1) for 4 minutes it starts working properly!!! and I able to get session using: HttpSession ses = req.getSession(false); I really don’t understand why it happens. Is it somehow session Id get associated with servlet and reset later to correct value? And again, When no proxy involved everything looks fine. Comments? Thank you, Mark --- Mark <[EMAIL PROTECTED]> wrote: > Thanks Justin, > This is something I will look into and will keep the list posted > with > update. > > Mark. > > P.S. But what can a reason for getSession() return !null if I wait > for a minute or so ? > > > --- Justin Ruthenbeck <[EMAIL PROTECTED]> wrote: > > > > > Mark, > > > > Check the session id that is included in the request > > (getRequestedSessionId) and verify that this sessionid is ALWAYS > > identical to the one used when the session was created. More > than > > likely, you'll find this is not the case. If you're convinced > that > > the > > sessionid is found at one moment and not at another, try to find > a > > way to > > reproduce it and then post that to the list. > > > > There's a 99% chance something is wrong with your code and/or the > > > client's response causing the behavior you're seeing. The fact > > that > > you're seeing it with one particular servlet (presumably one type > > of use > > case) makes it even more likely. > > > > justin > > > > > > At 09:14 AM 10/12/2004, you wrote: > > >Hi David, > > >Thanks for reply but I guess I need something else. All answers > to > > >your suggested situation are negative. Answers included in your > > >message. > > >--- David Wall <[EMAIL PROTECTED]> wrote: > > > > > > > Is it possible that your session has ended (too long between > > > > requests)? > > >nope, another servlet get session with no problem. and after few > > >minutes servlet is null problem just works fine. > > > > Check how long you have configured sessions to be active (in > > > > web.xml). Is > > > > it possible you are losing the encoded session ids (if > cookies > > are > > > > not being > > > > used)? It's easy to miss an encoded URL on a page for > get/post > > and > > > > thus lose > > > > the session id on the next request. Then again, I've seen > bugs > > > > before in > > > > which cookies are quite reliable, but encoded URLs don't > always > > > > seem to > > > > work. > > >I do encode URL just in case, but Cookie is used on client > > >side(browser). When I look at the source page URL is not > encoded. > > > > > > > > > > > David > > > > > > > > > >Any other ideas? > > > > ----- Original Message ----- > > > > From: "Mark" <[EMAIL PROTECTED]> > > > > To: <[EMAIL PROTECTED]> > > > > Sent: Tuesday, October 12, 2004 8:36 AM > > > > Subject: request.getSession(false) randomly returns null in > > servlet > > > > > > > > > > > > > Hi All, > > > > > I have unstable behavior in my web application when I try > to > > get > > > > > HttpSession. > > > > > The problem is that the following code randomly returns > > _null_ > > > > for > > > > > HttpSession. > > > > > > > > > > But next http request from different servlet using the same > > code > > > > is > > > > > fine. and when I call servlet with problem I've got null > > again. > > > > > Interesting, that if I wait for few minutes, this problem > > does > > > > not > > > > > exists: I'm getting a session object with no problems > > > > > Here the code: > > > > > > > > > > ------ cut ------ > > > > > public void doPost( HttpServletRequest req, > > HttpServletResponse > > > > resp > > > > > ) > > > > > throws IOException, ServletException > > > > > { > > > > > String cPath = req.getContextPath(); > > > > > HttpSession ses = req.getSession(false); > > > > > /* ... ses is null sometimes ;(*/ > > > > > .... > > > > > ----- end cut ---- > > > > > > > > > > > > > > > Please note that I use req.getSession(true) in the login > > servlet > > > > and > > > > > DO know that session is created. > > > > > > > > > > Tech spec: > > > > > Software: tomcat 5.0.24 on Redhat FS2 > > > > > Hardware: AMD 2700+, 512Mb, 120 GB HDD. > > > > > > > > > > > > > > > Any comments and suggestions are welcome. > > > > > > > > > > Thanks, > > > > > Mark. > > > > > > > > > > > > > > > > > > > > > > > > > __________________________________ > > > > > Do you Yahoo!? > > > > > Take Yahoo! Mail with you! Get it on your mobile phone. > > > > > http://mobile.yahoo.com/maildemo > > > > > > > > > > > > > > > > > >--------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: > > > > [EMAIL PROTECTED] > > > > > For additional commands, e-mail: > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > >--------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > >__________________________________ > > >Do you Yahoo!? > > >Yahoo! Mail Address AutoComplete - You start. We finish. > > >http://promotions.yahoo.com/new_mail > > > > > > >--------------------------------------------------------------------- > > >To unsubscribe, e-mail: > [EMAIL PROTECTED] > > >For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > ______________________________________________ > > Justin Ruthenbeck > > Lead Software Engineer, NextEngine Inc. > > justinr - AT - nextengine DOT com > > Confidential. See: > > http://www.nextengine.com/confidentiality.php > > ______________________________________________ > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > > _______________________________ > === message truncated === _______________________________ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
