To get HttpSession.invalidate() to work, I modified my Turbine.java by
adding the following try/catch block around data.getSession().removeValue()
in the doGet() method.
Does anyone see any potential problems with doing this?
It seems harmless to me.
Without this one cannot invalidate an HttpSession which is important when
using Container Managed security (logging out for example).
Thanks,
David
--------cut from doGet() ------------------
// If a module has set data.acl = null, remove acl from
// the session.
if ( data.getACL() == null )
{
try <--- new try/catch block
{
data.getSession().removeValue(
AccessControlList.SESSION_KEY);
}
catch (IllegalStateException e) { } // do nothing, it's gone
}
*********************************************************************
This e-mail and any attachment is confidential. It may only be read, copied and used
by the intended recipient(s). If you are not the intended recipient(s), you may not
copy, use, distribute, forward, store or disclose this e-mail or any attachment. If
you are not the intended recipient(s) or have otherwise received this e-mail in error,
you should destroy it and any attachment and notify the sender by reply e-mail or send
a message to [EMAIL PROTECTED]
*********************************************************************
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
