Win a copy of AWS Security this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

Regarding Listeners

 
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
After session invalidation, HttpSessionListener is notified.Prior to that will the container notify the HttpSessionAttributeListener and HttpSessionBindingListener ? Because before invalidation of the session ,session attributes have to be removed.
regards,
Sam
 
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes. web-container should notify HttpSessionBindingListeners and HttpSessionAttributeListeners, before HttpSessionListen got the sessionDestroyed().
in the sessionDestroyed(), session.getAttribute() will be illegal, I forget whether it will throw an exception.
 
Ranch Hand
Posts: 40
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
are the Attributes in session removed when session is Destroyed?
 
Kyle Tang
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's good question.
I am not for sure now, it is not on top of my head, but I have the impression that if the attribute implements HttpSessionBindingListener, they should get notified before the HttpSessionListener got sessionDestroyed() called.
If I have time later I will check the servlet spec. In the mean time I suggest you also take a look in the spec. One thing I still remember is "SCWCD study kit" says in sessionDestroyed() you can't call session.getAttribute(), that means all attributes should have been removed from that session.
 
Ranch Hand
Posts: 87
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here is the order in which the listeners will be invoked.
1. HttpSessionListener.sessionCreated(..)
2. HttpSessionBindingListener.valueBound(..)
3. HttpSessionAttributeListener.attributeAdded(..)
4. HttpSessionBindingListener.valueUnbound(..)
5. HttpSessionAttributeListener.attributeRemoved(..)
6. HttpSessionListener.sessionDestroyed(..)
Regarding the other question, if we invoke a method on HttpSession object inside sessionDestroyed(..) of HttpSessionListener method, we will get IllegalStateException.
Regards,
Maha Anna
 
Ranch Hand
Posts: 157
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
is the order related to the listener of deployment desription?
 
Maha Annadurai
Ranch Hand
Posts: 87
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The listed order above is for a particular case of removing a session attribute which implements the HttpSessionBindingListener and we also have a HttpSessionListener and a HttpSessionAttributeListener configured in web.xml.
Regards,
Maha Anna
 
I once met a man from Nantucket. He had a tiny ad
Devious Experiments for a Truly Passive Greenhouse!
https://www.kickstarter.com/projects/paulwheaton/greenhouse-1
    Bookmark Topic Watch Topic
  • New Topic