----- Original Message -----
From: "deacon Marcus" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 11, 2003 4:13 PM
Subject: Sessions - bug in Tomcat 4.1.24
> Hello,
> It seems in Tomcat 4.1.24 HttpSession is already invalid when passed to
> HttpSessionListener.sessionDestroyed(), which just does not make sense.
> API Docs say: "public void sessionDestroyed(HttpSessionEvent se)
> Notification that a session is about to be invalidated.", in my opinion
> "about to be" means that the Session should be valid when this method is
> called until it returns.
In my copy of the 2.3 Servlet Spec, section 15.1.14.1 says:
"Notification that a session was invalidated."
I read that as saying that Tomcat's behavior is corrent.
>
> I think the problem lies within StandardSession.expire method:
>
> It is:
>
> public void expire(boolean notify) {
>
> // Mark this session as "being expired" if needed
> if (expiring)
> return;
> expiring = true;
> setValid(false); // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>
> // Remove this session from our manager's active sessions
> [...]
> }
>
> While I believe (I'm about to test it in next few hours) it should be:
>
> public void expire(boolean notify) {
>
> // Mark this session as "being expired" if needed
> if (expiring)
> return;
> expiring = true;
>
> // Remove this session from our manager's active sessions
> [...]
> // We have completed expire of this session
> setValid(false); // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> expiring = false;
> if ((manager != null) && (manager instanceof ManagerBase)) {
> recycle();
> }
>
> }
>
>
> Greetings, deacon Marcus
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
