I am trying to invalidate a user's session after the the window has been closed or navigated away from with the browser arrows. The trouble I am running into is that after the session is invalidated, I am not able to create a new session. I am attempting to do this in the following way:

1. HttpSession session = request.getSession(false);
2. if (session == null){
3. return new MVC("SOME PAGE");
4. }
5. session.setAttribute("someAttribute","attr");


Line 5 is where the illegalStateException is being thrown; however, session should be null if the session object is not valid.
Even when I try to create a new session object after invalidation by setting the boolean value to true, it is not working. Can someone please help. Thanks!

Post your full stack trace.

You're chasing your tail. There is no way to deterministically determine whether the browser has been closed or that your web app is being navigated away from. So why are you not just relying upon the session time-out like everyone else?

This is the full stack trace:


PWC1412: WebModule[/KingTaxSavannah] ServletContext.log():Initializing Spring root WebApplicationContext
Root WebApplicationContext: initialization started
Refreshing org.springframework.web.context.support.XmlWebApplicationContext@17865f3: display name [Root WebApplicationContext]; startup date [Mon Apr 27 15:48:05 EDT 2009]; root of context hierarchy
Loading XML bean definitions from ServletContext resource [/WEB-INF/applicationContext.xml]
Bean factory for application context [org.springframework.web.context.support.XmlWebApplicationContext@17865f3]: org.springframework.beans.factory.support.DefaultListableBeanFactory@17d2068
Loading properties file from ServletContext resource [/WEB-INF/jdbc.properties]
Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@17d2068: defining beans [propertyConfigurer,dataSource,ServicesBean,VerifyUserImpl,SavePersonalInfoImpl,RetrievePersonalInfoImpl,CreateLoginImpl,SaveQuestionsImpl,SaveUploadInfoImpl,JdbcTemplate,LoginDAO,PersonAddressDAO,PersonDAO,DependantDAO,QuestionairreDAO,UploadDAO]; root of factory hierarchy
Loaded JDBC driver: com.mysql.jdbc.Driver
Root WebApplicationContext: initialization completed in 1871 ms
PWC1412: WebModule[/KingTaxSavannah] ServletContext.log():Initializing Spring FrameworkServlet 'dispatcher'
FrameworkServlet 'dispatcher': initialization started
Refreshing org.springframework.web.context.support.XmlWebApplicationContext@171d3ec: display name [WebApplicationContext for namespace 'dispatcher-servlet']; startup date [Mon Apr 27 15:48:07 EDT 2009]; parent: org.springframework.web.context.support.XmlWebApplicationContext@17865f3
Loading XML bean definitions from ServletContext resource [/WEB-INF/dispatcher-servlet.xml]
Bean factory for application context [org.springframework.web.context.support.XmlWebApplicationContext@171d3ec]: org.springframework.beans.factory.support.DefaultListableBeanFactory@f0d932
Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@f0d932: defining beans [org.springframework.web.servlet.mvc.support.ControllerClassNameHandlerMapping#0,urlMapping,viewResolver,indexController,officeDetailController,disclaimerController,personalInfoController,paymentController,loginController,sessionController]; parent: org.springframework.beans.factory.support.DefaultListableBeanFactory@17d2068
FrameworkServlet 'dispatcher': initialization completed in 304 ms
PWC1412: WebModule[/KingTaxSavannah] ServletContext.log():Initializing Spring FrameworkServlet 'BaseController'
FrameworkServlet 'BaseController': initialization started
Refreshing org.springframework.web.context.support.XmlWebApplicationContext@1a79f8e: display name [WebApplicationContext for namespace 'BaseController-servlet']; startup date [Mon Apr 27 15:48:07 EDT 2009]; parent: org.springframework.web.context.support.XmlWebApplicationContext@17865f3
Loading XML bean definitions from ServletContext resource [/WEB-INF/BaseController-servlet.xml]
Bean factory for application context [org.springframework.web.context.support.XmlWebApplicationContext@1a79f8e]: org.springframework.beans.factory.support.DefaultListableBeanFactory@d65d7a
Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@d65d7a: defining beans [urlMapping,multipartResolver,BaseController,LoginController,PersonalInfoController,QuestionairreController,UploadController]; parent: org.springframework.beans.factory.support.DefaultListableBeanFactory@17d2068
FrameworkServlet 'BaseController': initialization completed in 219 ms
StandardWrapperValve[BaseController]: PWC1406: Servlet.service() for servlet BaseController threw exception
java.lang.IllegalStateException: PWC2789: setAttribute: Session already invalidated
at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1629)
at org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:163)
at Controllers.LoginController.createLogin_xa(LoginController.java:83)
at Controllers.BaseController.getController(BaseController.java:63)
at Controllers.BaseController.handleRequest(BaseController.java:52)
at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:874)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:808)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:476)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:441)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:738)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:411)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:317)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
at org.netbeans.modules.web.monitor.server.MonitorFilter.doFilter(MonitorFilter.java:390)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:272)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:263)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:214)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)

Setting the session timeout would work for the application once the app. is complete. I ran into this problem because I'm continuously testing the app, and the attributes in the session are persisting. For example, if I create a user, exit the application, then come back in and create another user, the attributes from the first user are still in the session. It causes problems in the code that checks session attributes to see if an update needs to be done on the database or an insert (a new user or an existing user). I'm thinking maybe I'll just set a map inside of the state to wrap all my attributes, then removing it would be equivalent to a removeAll( ) method on the session. I was attempting to do a work around instead of recoding the classes.

If you exit the application (I think you mean browser here) and come back then how you are getting same session being assigned again? Should not that be another session?

No. If you enter the application again before the session times out, it will still be the same active session. I changed the code around so that I don't have to worry about it. I'm setting a map inside of the session and saving all of my attributes inside of the map. So, instead of trying to invalidate the session, I just clear the map every time a user logs in. Thanks for the help everyone!

That's a much more sensible approach.