Chris
--------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
I am trying to invalidate my session by calling
HttpSession.invalidate(), the problem I am having is after I log in as a
user, then log out, then log back in, the second log in doesn't call any
of my authentication methods. On logout I am calling
HttpSession.invalidate() which doesn't throw any exceptions. To test
whether the invalidate method was actually working I made a second call
to HttpSession.invalidate() which according to the API should throw an
exception on the call to invalidate an already invalidated method. This
second invalidate doesn't throw an exception and I can still call
HttpSession.getId() and have it return a valid value. Could someone
tell me why the invalidate() method is not really invalidating or a
suggestion on a better way to do this?
- HttpSession.invalidate() not working as expected Chris Gibbons
