Mantis - Resin
Viewing Issue Advanced Details
5919 minor always 06-18-15 08:43 07-27-15 10:24
ferg  
ferg  
normal  
closed 4.0.40  
fixed  
none    
none 4.0.45  
0005919: session.getAttribute not allowed in sessionDestroy
(rep by Shinomiya Nobuaki)
I'm using Resin 4.0.40.

The following exception has occurred.
{{{
 java.lang.IllegalStateException: SessionImpl[aaacdIdZjcZxjgqRTWu3u,/xxxt]: can't call getAttribute() when session is no longer valid.
       at com.caucho.server.session.SessionImpl.getAttribute(SessionImpl.java:351)
 (2) at xxxr.RemoveLoginSessionListener.sessionDestroyed(RemoveLoginSessionListener.java:37)
       at com.caucho.server.session.SessionImpl.notifyDestroy(SessionImpl.java:1148)
       at com.caucho.server.session.SessionImpl.removeEvent(SessionImpl.java:1125)
       at com.caucho.util.LruCache.remove(LruCache.java:621)
       at com.caucho.server.session.SessionManager.removeSession(SessionManager.java:1725)
       at com.caucho.server.session.SessionImpl.invalidate(SessionImpl.java:1221)
       at com.caucho.server.session.SessionImpl.invalidate(SessionImpl.java:1068)
 (1) at xxx.util.HttpSessionRefresh.execute(HttpSessionRefresh.java:89)
       .
       .
       .
}}}

It becomes following of source when I simplify (1) and (2).

(1)
{{{
 public class HttpSessionRefresh {
     .
     .
     .
     public static HttpSession execute(final HttpServletRequest request) {
         HttpSession session = request.getSession(false);
         if(session != null){
             session.invalidate(); // <---- (A)
         }
         .
         .
         .
}}}

(2)
{{{
 public class RemoveLoginSessionListener implements HttpSessionListener {
     .
     .
     .
     public void sessionDestroyed(final HttpSessionEvent event) {
         final HttpSession session = event.getSession(); // <---- (B)
         .
         .
         .
}}}


There are no notes attached to this issue.