Part of the problem may be that you're grabbing a session object
that you have stored in your own data structure. Tomcat doesn't
know anything about your monitor HashMap and is not going to update
it when it invalidates a timed-out session.
Why don't you do this:
try {
oldSession.invalidate();
} catch (IllegalStateException ise) {
// do nothing, if it's already invalidated, we're happy
}
Jeff
----- Original Message -----
From: "Rick Roberts" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Tuesday, April 09, 2002 10:13 AM
Subject: Session already invalidated
> I have the book "Professional JSP" (1st Edition).
> Chapter 5 has some session management code that does not work.
> I have searched the different newsgroups and tomcat archives, and have
> found where others have asked this question but I can't find where
> anyone has answered it.
>
> The problem is that whenever "oldSession.invalidate()" is called; I get
> the following error message:
>
> java.lang.IllegalStateException: getAttributeNames: Session already
> invalidated
>
> I am using Tomcat 3.3, JDK 1.3.1_01 and Apache on RedHat Linux 7.2.
>
> Here is the problem code:
>
> -------------------
>
> <%@ page language="java" import="java.util.*" errorPage="error1.jsp"%>
>
> <jsp:useBean id="loginBean" scope="page" class="Login">
> <jsp:setProperty name="loginBean" property="*"/>
> </jsp:useBean>
>
> <jsp:useBean id="monitor" scope="application" class="java.util.HashMap"/>
>
> <%
> String username = request.getParameter( "username" );
> String password = request.getParameter( "password" );
> loginBean.setUserName( username );
> loginBean.setPassword( password );
>
> String display = "index.html";
> User user = loginBean.authenticate();
> if( user != null ){
> user.setIPAddr(request.getRemoteHost());
> // Got user. Do they already have a session?
> if( monitor.containsKey(user)){
> // There's an old session for this user - invalidate it
> HttpSession oldSession = (HttpSession)monitor.get(user);
> String sID1 = oldSession.getId();
> System.out.println("Existing Session detected: " + sID1);
> oldSession.invalidate();
> }
>
> session.setAttribute("user", user);
> monitor.put(user, session);
> String sID = session.getId();
> System.out.println("Session Created: " + sID);
>
> session.setMaxInactiveInterval(300);
>
> display="browse.jsp";
> }
> %>
>
> <jsp:forward page="<%= display %>"/>
>
> ----------------
>
> Any help greatly appreciated.
>
> Thanks,
>
> Rick Roberts
>
>
> --
> To unsubscribe: <mailto:[EMAIL PROTECTED]>
> For additional commands: <mailto:[EMAIL PROTECTED]>
> Troubles with the list: <mailto:[EMAIL PROTECTED]>
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
