Is it not possible to access session attributes in the method sessionDestroyed() of HttpSessionListener by using the session object returned from HttpSessionEvent??
Correct; it is not possible. As discussed in Section 10.7 of More Servlets and JSP, the attributes are removed before sessionDestroyed is called. You need to catch them in the attributeRemoved method of HttpSessionAttributeListener. I haven't found much use for sessionDestroyed other than listeners that merely keep track of the number of active sessions (which is actually helpful to know).
i found it the hard way.
actually i had to reset the user login status in the database when session is destroyed. HttpSessionListener did not help me, i modified my design and now using HttpSessionBindingListener. This is clean and works perfect.
Thanx for confirming...
Notification that a session was invalidated.
under Servlet 2.4:
Notification that a session is about to be invalidated.
So it is perfectly plausible that a 2.3 engine would blow away the session prior to calling sessionDestroyed, while a 2.4 engine will not.