Hmm,
but I can't find a statement that the valueUnbound get an invalid session, when it called after sessionDestoryed.
HttpSessionBindingListener ===
/**
*
* Notifies the object that it is being unbound
* from a session and identifies the session.
*
* @param event the event that identifies
* the session
* * @see #valueBound
*
*/
public void valueUnbound(HttpSessionBindingEvent event);
====
I thing the part "identifies the session" is in conflict with the current tomcat implementation.
Today the user get a IllegalStateException at event.getSession().getId() instead the session identifier.
The current servlet spec is not clear at this session event definition. :(
What is correct? - current handling - emit remove session event and after this the session is invalid - remove emit event after invalidation
What we can do?
- document the situation
Add lifecycle diagrams ( state flow)
- propose a change to the spec team
Don't emit remove session attribute events, when session destoryed, like ServletContext and ServletRequest handling ( my favorit)
Only direct removeAttribute calls, emit remove event.
Peter
Remy Maucherat schrieb:
Peter Rossbach wrote:
Hups,
the remove session attribute events after session destory is documented at the servlet spec?
Any hint welcome
Yes, read the javadoc for HttpSessionBindingListener.
Rémy
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
