Hello,
It seems in Tomcat 4.1.24 HttpSession is already invalid when passed to
HttpSessionListener.sessionDestroyed(), which just does not make sense.
API Docs say: "public void sessionDestroyed(HttpSessionEvent se)
Notification that a session is about to be invalidated.", in my opinion
"about to be" means that the Session should be valid when this method is
called until it returns.
I think the problem lies within StandardSession.expire method:
It is:
public void expire(boolean notify) {
// Mark this session as "being expired" if needed
if (expiring)
return;
expiring = true;
setValid(false); // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<
// Remove this session from our manager's active sessions
[...]
}
While I believe (I'm about to test it in next few hours) it should be:
public void expire(boolean notify) {
// Mark this session as "being expired" if needed
if (expiring)
return;
expiring = true;
// Remove this session from our manager's active sessions
[...]
// We have completed expire of this session
setValid(false); // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
expiring = false;
if ((manager != null) && (manager instanceof ManagerBase)) {
recycle();
}
}
Greetings, deacon Marcus
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
