Solved

question about invalidate()

Posted on 2006-10-28
17
324 Views
Last Modified: 2008-01-09
Hi,

A user can, on my website, log out.

1) He clicks on a link
    <li><a href="index.html?do=logout">déconnexion</a></li>
    The page will be forwarded to the servlet index.html

2) In the servlet, I invalidate the session, then forward to index.jsp

            else if(action.equals("logout")) {
                  HttpSession session = request.getSession();
                  session.invalidate();
                  getServletContext().getRequestDispatcher(urlIndex).forward(request,response);
                  return;
            }

3) In index.jsp, I have this code :
    <%
      metier.IUtilisateur util = (metier.IUtilisateur) session.getAttribute("utilisateur");
    %>
    <% if(util == null) { %>
          <link rel="stylesheet" type="text/css" href="css/menu2NonAuthentifie.css"/>
    <% } else { %>
          <link rel="stylesheet" type="text/css" href="css/menu2Authentifie.css"/>
    <% } %>

    And util gives me null, without an exception. (I know the code is not nice)


But why when I try this in a JSP (for testing) :

            session.invalidate();
            
            metier.IUtilisateur util = (metier.IUtilisateur) session.getAttribute("utilisateur");
            if(util == null) {
                        [...]

I have an error :

java.lang.IllegalStateException: "getAttribute": Session déjà invalidée
      org.apache.catalina.session.StandardSession.getAttribute(StandardSession.java:1011)
      org.apache.catalina.session.StandardSessionFacade.getAttribute(StandardSessionFacade.java:109)
      org.apache.jsp.chat2_jsp._jspService(chat2_jsp.java:61)
      org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
      javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
      org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:332)
      org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
      org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
      javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
      controleur.Controleur.connecterChat(Controleur.java:268)
      controleur.Controleur.doGet(Controleur.java:78)
      controleur.Controleur.doPost(Controleur.java:375)
      javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
      javax.servlet.http.HttpServlet.service(HttpServlet.java:802)



0
Comment
Question by:matthew016
  • 7
  • 6
  • 2
  • +1
17 Comments
 
LVL 16

Assisted Solution

by:suprapto45
suprapto45 earned 100 total points
ID: 17825731
You definitely get error as you have already invalidated the session.

Try the procedure as below.

          session.invalidate();
         
         
          if(session.getAttribute("utilisateur") == null) {
                // do whatever you want if it is null
          }
          else {
                // do whatever you want if it is NOT null
                metier.IUtilisateur util = (metier.IUtilisateur) ;
          }
0
 
LVL 9

Author Comment

by:matthew016
ID: 17825736
Ok, but why with the points 1), 2) and 3) I have no errors,
I do exactly the same thing
0
 
LVL 16

Expert Comment

by:suprapto45
ID: 17825782
Okay,

One question. For point #3, is "<link rel="stylesheet" type="text/css" href="css/menu2NonAuthentifie.css"/>" executed?
0
 
LVL 9

Author Comment

by:matthew016
ID: 17825793
Yes, that all works fine ...
0
 
LVL 16

Expert Comment

by:suprapto45
ID: 17825808
Mm...., this is weird

I just realized that it is not NullPointerException but IllegalStateException. Give me a sec
0
 
LVL 16

Expert Comment

by:suprapto45
ID: 17825823
In point #3,

Do you catch any exception or any error message in the console?
0
 
LVL 9

Author Comment

by:matthew016
ID: 17825830
Nothing.
That's why I post this question, because I don't understand why with 1)2)3) it works
and not when I put the instructions close to each other.
0
 
LVL 16

Expert Comment

by:suprapto45
ID: 17825847
I do not really know what happens.

If in my local machine, it definitely throws me the NullPointerException. The reason you get the IllegalStateException is because you use
http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpSession.html

However, for the working case in the #3, I don't really know why. It should not work. Sorry, can't help further.

David
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 9

Author Comment

by:matthew016
ID: 17825899
So do u test each time, before accessing a session, if it is valid ?
0
 
LVL 16

Expert Comment

by:suprapto45
ID: 17825975
Yes,

You have to do that instead of directly accessing it. when the session is valid, it is working fine but if the session is not valid, you will get NullPointerException as you are trying to cast NULL values to certain classes as

metier.IUtilisateur util = (metier.IUtilisateur) session.getAttribute("utilisateur");

if it is null, it is somehing like

metier.IUtilisateur util = (metier.IUtilisateur) null;

David
0
 
LVL 16

Expert Comment

by:suprapto45
ID: 17825986
My suggestion is to keep this thread open for few more days as today is weekend and not all experts are available here.

Hopefully by Monday some other experts may pop in and give you the right answer.
0
 
LVL 10

Accepted Solution

by:
jaggernat earned 200 total points
ID: 17826133
i agree with supraptos' first post. since you invalidate the session, you get this error
>>java.lang.IllegalStateException: "getAttribute": Session déjà invalidée

Now, why you dont get error with 1,2,3.
From page1 you hit logout, and it goes to step2, to the servlet and you invalidate the session in the servlet. At this point all the values from the session are completely lost and then you forward to step3 which is a fresh request to index.jsp page. In index.jsp page util= null since the session does not have "utilisateur"  (becoz session was blanked out in step2)

so i dont see why 1,2,3 should not work :)

 Actually , you should never invalidate the session in jsp, A servlet or a Java class is the right place to invalidate the session.

0
 
LVL 27

Expert Comment

by:rrz
ID: 17826545
I agree with suprato45 and jaggernat.
We are talking about two session objects in the 123  testing sequence.  But only one session object in the single page test.
0
 
LVL 9

Author Comment

by:matthew016
ID: 17828328
Ok, I think I understand.

Correct me if I'm wrong,

in step two I "delete" the session,
and when I forward to index.jsp (step 3) A new session is created where I do not have attribute "utilisateurs" in it.
0
 
LVL 27

Assisted Solution

by:rrz
rrz earned 200 total points
ID: 17828898
Yes, that is right.   A JSP automatically provides a session object unless you use  
<%@ page session="false" %>  
In step3 you have new session with no attributes set.  
0
 
LVL 10

Expert Comment

by:jaggernat
ID: 17829128
agree with rrz
0
 
LVL 9

Author Comment

by:matthew016
ID: 17830693
Thank u very much for your support !
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

In this article, you will read about the trends across the human resources departments for the upcoming year. Some of them include improving employee experience, adopting new technologies, using HR software to its full extent, and integrating artifi…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now