Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

invalidate method of HttpSession  RSS feed

 
Tal Goldstein
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi
when doing a logout on my application (running on weblogic), Im calling the invalidate() method like this:

HttpServletRequest request = ServletActionContext.getRequest();
request.getSession().invalidate();

but after I try to login again to the application, It seems that the session still exists:

ServletActionContext.getRequest().getSession(false)

doesn't return null, but it returns a session that its creation time is exactly the time when I logged out (called the invalidate()).

this is the case only when trying to login for the second time.
if I login to the app for the first time, then the getSession(false) returns null.

so, to solve this issue, I also check if the session has any attributes, and if it doesn't then I assume that the invalidate method was called before, but its still odd that invalidate does release the attributes of the session, but it doesnt end the session,
any ideas why this happens?
Thanks
Tal
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 66182
146
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Checking for a scoped attribute (what you called an attribute) in the session is the correct approach. You shouldn't be relying on the existence or newness of the session but with data that you put into the session.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!