Session invalidate or removing attribute

what is the difference between session invalidate and removing the session attribute?

Hi,
Think of a session as a chalkboard, and different requests from the same user can use the chalkboard to post information for subsequent requests to see. Suppose you use session.setAttribute() to write two pieces of information on the session chalkboard, say, the user's name and credit card number. If you call session.removeAttribute(creditCard), then the credit card number will be erased from the session chalkboard. However, the user's name will still be written on the session chalkboard for subsequent requests to see. Subsequent requests from the same user can also post new information on the session chalkboard.
On the other hand, if you call session.invalidate(), that's like having a janitor rip the session chalkboard off the wall, break it over his knee, and dispose of it in the nearest dumpster. After that, requests can no longer see the user's name written on the chalkboard, and the requests do not have a session chalkboard to post additional information.

Similar Messages

  • Does calling session.invalidate() also removes all the session attriutes?

    Hi,
    I want to know whether calling session.invalidate() also removes any objects in the session attributes.or we have to explicitly remove objects from the attributes.
    I want to know this because my application is having some memory related problems. In my application when a user logs in we put many String objects int the session using session.setAttribute.
    Now when the user logs out we call session.invalidate() .
    Will these String objects occupy memory (i.e. will they be garbage collected ) after I call session.invalidate() ?
    or
    I have to explicitly remove all the session attributes programmatically?
    Any assistance would be of great help.
    Thanks & Regards,
    Nirmal

    Sigh. The invalidate dereferences all attributes from the current session. If the object doesn't have any other references (servlets? filters? listeners? whatever) then it will be eligible for GC. The object i.e the String objects does'nt have any remaining references after I nullified the arrayList (which was the one and only refeferencing the String Objects).
    There isn't any servlet, filter, no other entity that is referencing the arraylist once the user's session is invalidated.
    But still when I take the heap dump I'm gettingt those String objects in the heap.........
    Once a user logs off we call his/her session.invalidate() and we don't want any of his/her arrayList (containing String objects) in the memory anymore.
    Please tell me according to you what should be done in order to get rid of the unwanted String objects in the heap, beside my silly lines of code.
    I've load tested the application using jmeter (say for 100 users) and for each of the users the String objects(contained in ArrayLIst) stored in the session are still available even though we called session.invalidate() for each of the user.
    This is a major concern for memory related problems that we people are facing here.
    Any help would be of great ......
    Thanks & Regards,
    Nirmal

  • Session.removeAttribute and session.invalidate

    I pass a scoped object from one JSP #1 to JSP #2 in a session.
    In JSP #1, I did:
           <c:set var="cr" value="${articleForm.creator}" scope="session"/>In JSP #2, I did:
          <bean:define id="author" name="cr" scope="session" type="java.lang.String"/>
          <html:text property="receiver" value="<%=author%>" size="82" maxlength="25" tabindex="1"/>Immediately after I output the value, I want to remove the object from the session. I have two questions:
    1. which one of the following should I do:
           session.removeAttribute( "cr" );or
           session.removerAttribute( "author" );or
           session.removeAttribute( "receiver" );2. Do I have to invalidate the session; i.e. session.invalidate(); after all the objects in the session are removed?

    I pass a scoped object from one JSP #1 to JSP #2 in a session.
    In JSP #1, I did:
           <c:set var="cr" value="${articleForm.creator}" scope="session"/>In JSP #2, I did:
          <bean:define id="author" name="cr" scope="session" type="java.lang.String"/>      <html:text property="receiver" value="<%=author%>" size="82" maxlength="25" tabindex="1"/>Immediately after I output the value, I want to remove the object from the session. Which one of the following should I do:
           session.removeAttribute( "cr" );or
           session.removerAttribute( "author" );or
           session.removeAttribute( "receiver" );

  • ISE External RADIUS proxy remove attributes

    Hi all,
    I setup external RADIUS for authenticating external users on ISE 1.2  - I need to remove all attributes received from the external RADIUS but I cannot find how to do it.
    I checked the option
    On Access-Accept, continue to Authorization Policy
    in RADIUS server sequense Advanced Attribute settings 
    and in Authorization policy I setup proper attributes but I found the attributes from external RADIUS server are in the Access-Acceept response too.
    This is RADIUS debug from the switch:
    Apr 10 09:35:51 CEST: RADIUS: User-Name [1] 17 "xxxxxxxxxxxxx"
    Apr 10 09:35:51 CEST: RADIUS: Session-Timeout [27] 6 3600
    Apr 10 09:35:51 CEST: RADIUS: Termination-Action [29] 6 1
    Apr 10 09:35:51 CEST: RADIUS: Tunnel-Type [64] 6 00:VLAN [13]
    Apr 10 09:35:51 CEST: RADIUS: Tunnel-Type [64] 6 01:VLAN [13]
    Apr 10 09:35:51 CEST: RADIUS: Tunnel-Medium-Type [65] 6 00:ALL_802 [6]
    Apr 10 09:35:51 CEST: RADIUS: Tunnel-Medium-Type [65] 6 01:ALL_802 [6]
    Apr 10 09:35:51 CEST: RADIUS: EAP-Message [79] 6
    Apr 10 09:35:51 CEST: RADIUS: 03 08 00 04
    Apr 10 09:35:51 CEST: RADIUS: Message-Authenticato[80] 18
    Apr 10 09:35:51 CEST: RADIUS: BA 8C BC 8D 69 23 2B 7D 8A 70 20 D4 DE 96 0B E2 [ i#+}p ]
    Apr 10 09:35:51 CEST: RADIUS: Tunnel-Private-Group[81] 4 "17"
    Apr 10 09:35:51 CEST: RADIUS: Tunnel-Private-Group[81] 7 01:"v230"
    Apr 10 09:35:51 CEST: RADIUS: Vendor, Cisco [26] 22
    Apr 10 09:35:51 CEST: RADIUS: Cisco AVpair [1] 16 ""ssid=eduroam""
    Apr 10 09:35:51 CEST: RADIUS: Vendor, Cisco [26] 37
    Apr 10 09:35:51 CEST: RADIUS: Cisco AVpair [1] 31 "termination-action-modifier=1"
    Apr 10 09:35:51 CEST: RADIUS: Vendor, Microsoft [26] 58
    Apr 10 09:35:51 CEST: RADIUS: MS-MPPE-Send-Key [16] 52 *
    Apr 10 09:35:51 CEST: RADIUS: Vendor, Microsoft [26] 58
    Apr 10 09:35:51 CEST: RADIUS: MS-MPPE-Recv-Key [17] 52 *
    As you can see a lot of attributes are twice in the response. I need only "v230" set as VLAN ID
    I looked for removing the attributes but "Modify attribute" settings (iether "in the request" or "before access-apccept") offer only subset of RADIUS attributes - I need to remove attribute 81 - Tunnel Network Private Group - but it is not offered there.
    Can somebody advice me, how to (idealy) remove all atrributes from external RADIUS or at least remove set of attributes at minimum with attribute 81?
    Thank you for any help

    Thank you,
    I duplicated the Dot1x Authentication Rule, and changed allowed protocols to "RADIUS Server Sequence : MySequence"
    In the RADIUS Server Sequence under the advanced tab I have it set to "Continue to Authorization Policy'.
    Which Authorization rule would match?
    Network Access:RADIUS Server Sequence EQUAL MySequence
    OR
    Network Access:UseCase EQUALS Proxy
    OR
    None of the above?
    Thanks

  • Session.invalidate works on tomcat but not in WebSphere Server

    I'm trying to figure out a .jsp written by another developer in WS Studio.
    The page does this:
    session = request.getSession(false);
    session.setMaxInactiveInterval(5);
    then almost immediately, does this:
    session.invalidate();
    In Tomcat, I get the "session already invalidated" error message I would expect. However, In WS Server, the rest on the page loads, and I can continue to interact with the application. I'm using IE 6.0, sp2.
    The "session.setMaxInactiveInterval(5);" call seems to have no effect in either container; al least, the application never times out.
    The most important thing for my purposes is to be able to invalidate the session in websphere. How can I fix this? Thanks!

    duffymo wrote:
    Is the machine that you ran this simple java class on the same one where you're >deploying the web app?Same machine where my sql connections bug. I just copypasted it into a file in tomcat5.5/webapps directory and then compiled it and used it from there. I used it from command line.
    duffymo wrote:
    how well do you know jsps, tomcat, and web apps? sure it's deployed properly? if you >put in a simple jsp and invoked it via tomcat, would you be able to do it?Dont know jsps well. :) Essentially my jspservlet thingie works normally on my computer through my tomcat and on other computers which have netbeans etc... It compiles .war file and ive copied that .war file to the target server's tomcat webapps directory, then when I access the website of my jspservlet tomcat unpacks it and shows my jsp pages normally if they have no sql components. So at least jsp pages are working... :)
    "minor modifications"? sure those are right? you wouldn't be the first programmer to fool >themselves by saying "it's the same code - except for X."
    try you "minor modifications" on the command line, too.First I used with main on command line, then removed main etc... and included it into my project.

  • ViewExpiredException issue with session invalidate on IE9

    Hi guys,
    I have posted this on the ADF forum as well as I'm not sure of the root cause is JHeadstart related or not - but I thought I would check also here to see if anyone else has encountered this ...
    I'm using JDeveloper 11.1.1.6 (JHeadstart 11.1.1.4.26) and having problems when calling "session.invalidate();" with my custom JhsAuthenticationFilter. If i log on and immediately log out (so no web.xml timeout which is set to 25 min) - The message shown on screen is
    "Because of inactivity, your session is timed out and is no longer active. Click on OK to reload the page"
    In the log files, the following error is thrown
    <BindingContext> <put> [3126] Replacing: null with: XXXXX_UIShellPageDef
    <StateManagerImpl> <restoreView> Could not find saved view state for token -a6jozll3a
    <LifecycleImpl> <_handleException> ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RESTORE_VIEW 1
    javax.faces.application.ViewExpiredException: viewId:/pages/UIShell.jspx - ADF_FACES-30107:The view state of the page has expired.  Reload the page.
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._restoreView(LifecycleImpl.java:751)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:374)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:194)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
         at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
         at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at hmdclinical.pulse.view.PulseAuthenticationFilter.doFilter(PulseAuthenticationFilter.java:273)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
         at java.security.AccessController.doPrivileged(Native Method)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
         at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
         at java.security.AccessController.doPrivileged(Native Method)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
         at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    <ADFLogger> <addContextData> Execute queryI have the web.xml parameter org.apache.myfaces.trinidad.CLIENT_STATE_MAX_TOKENS set to 15.
    This ONLY happens when using IE9 - using Firefox or Chrome it's not a problem. I'm guessing something is trying to access the page def after the token for the view has already been removed as part of the session.invalidate() ?
    How can I find out what the root cause is and why is this only a problem with IE and not Chrome or Firefox ?
    Any help greatly appreciated !!
    Cheers,
    Brent

    Brent,
    I think it is best to make a very simple testcase without JHeadstart (you can cust and paste code from the jhs auth fillter as needed) and then attach your testcase to the post on JDev forum, or copntact Oracle support.
    Looks like a browser-specific ADF bug to me.
    Steven Davelaar,
    JHeadstart Team.

  • Issue with session.invalidate() in OC4J

    Ok, here's the thing- I've got a servlet that autogenerates
    pages to the client via XSL; so far so good. However whenever
    the login page is displayed, we would like to "logout" the
    current user if there is one and start fresh, as it were. All of
    our persistent data is stored via the user's session object so
    we are doing something like this:
    public void doGet( HttpServletRequest request) {
    HttpSession session = request.getSession();
    // Some misc. stuff happens here;
    // Nothing is written to the session, however
    if ( page == LOGIN_PAGE) {
    session.invalidate();
    session = request.getSession();
    String info = session.getAttribute( "INFO");
    As soon as we request the attribute, after performing the
    session invalidation & re-obtaining a new session the system
    bails with an IllegalStateException: Session invalidated
    exception.
    Note that the exact same code works under the Sun Reference
    Implementation (Apache Groups Tomcat 4.0) and is pretty much
    verbatim from Jason Hunter's book Java Servlet Programming 2nd
    Edition pg. 220.
    Any ideas for a fix and/or workaround?

    Hi
    This works, here is a sample I've run on OC4J
    public class SessionTestServlet extends HttpServlet
    private static final String CONTENT_TYPE = "text/html";
    HttpSession sess = null;
    private static boolean login_page = true;
    public void init(ServletConfig config) throws ServletException
    super.init(config);
    public void doGet(HttpServletRequest request,
    HttpServletResponse response) throws ServletException,
    IOException
    sess = request.getSession(true);
    try
    if (login_page)
    if(sess != null)
    sess.invalidate();
    sess = request.getSession(true);
    sess.setAttribute("name","kalle");
    catch(Exception e)
    e.printStackTrace();
    response.setContentType(CONTENT_TYPE);
    PrintWriter out = response.getWriter();
    out.println("<html>");
    out.println
    ("<head><title>SessionTestServlet</title></head>");
    out.println("<body>");
    out.println("<p>Session: "+ sess+"<p>Name: "+
    sess.getAttribute("name"));
    out.println("</body></html>");
    out.close();
    Regards
    //Mike

  • Removing attributes from node

    Hi,
    Im creating a node and its attributes dynamically and binding it to a table to show a table dynamically. The problem is that when i load a new item, i have to rebuild the node and table because it might have different columns. The node allways has 3 fixed columns (id, name, description) so first i have to remove all of the attributes except the id, name and description. Same for the table columns. Can anyone tell me how to remove attributes from a node or how to differently solve my problem? All i see is how to remove an element but is a data right, not the model?
    Much thanks,
    Hugo Hendriks

    Hi,
    I had a similar situation, where 2 table columns were always present, and the name and type of other columns were only available runtime.
    I simply deleted all data (invalidate()) and recreated the context from scratch after each model execution that impacts the table structure.
    Otherwise, use the API to find the right methods for deleting Nodes and Elements.
    https://media.sdn.sap.com/javadocs/NW04/SPS15/wd/index.html
    Good luck,
    Roelof

  • Session.invalidate()

    Hi Techies,
    I am new to servlet, can any one please explore what happens internally when we call session.invalidate().
    whether it removes the session completely?
    thanks in advance.

    Nitin.V wrote:
    if (session != null) {
                   session.invalidate();
                   RequestDispatcher rd = req.getRequestDispatcher(LOGOUT_URL);
                    rd.forward(req, res);
    System.out.println(session);in the last line i am still getting the value of this session.
    what i am expecting is, it should print null value after being invalidating but i am getting session value.
    could you please explore this.
    No, you shouldn't get null. The session you are referencing still exists, it is just invalid. Any further call to getSession(false) will return null, but the current reference still exists. If you want to get null in the current page/servlet then set your variable "session" to null (which does nothing to the actual session object, it simply removes your reference to it) after you call invalidate. I stressed after, because if you simply set your variable to null, the session itself, will still be valid.

  • Session.invalidate() result ?

    Hello All,
    Can someone please help me on this doubt.
    When i call session.invalidate() in my servlet.
    And suppose i have a class implementing HttpSessionBindingListener,
    And also class implementing the HttpSessionListener,
    What will be the order of calling for
    vallueUnbound() and sessionDestroyed() in this case.
    And also when i just call a session.removeAttribute() for the object of class implementing HttpSessionBindingListener,
    is the vallueUnbound() callled on the object before the container removes the object or after it has been removed?
    Please advise.
    Thanks

    What will be the order of calling for vallueUnbound() and sessionDestroyed() in this case.Depends on the server. For example tomcat 5 as I recall did it in the wrong order while Tomcat 6 does valueUnbound() first. I think for any self respecting application server, you will get dependable results, meaning valueUnbound() is called first.
    And also when i just call a session.removeAttribute() for the object of class implementing HttpSessionBindingListener,
    is the vallueUnbound() callled on the object before the container removes the object or after it has been removed?
    Please advise.
    test it out. I can tell you right now that it will be called after the object is removed, but how can you be sure that I am not making it up? Create a simple test case and see what happens, it shouldn't take you more time than it took you to post this message.

  • Session.invalidate & session.removeAttribute()

    hi,
    i need a clarification....does session.invalidate() also remeove all the attributes and their values or do i need an explicit session.removeAttribute("var_name") ??????????
    if i use session.removeAttribute i get cannot resolve symbol at compile time!
    thank u,
    ashna

    check out,
    1. maybe you are trying to run removeAttribute, AFTER invalidate().
    2. you have given wrong name as argument to removeAttribute().
    just call invalidate(), you dont need to call removeAttribute().

  • Session timeout and session.invalidate() -- are they the same?

    I was just wondering when a session timeout occurs (either by setting the session-timeout in web.xml or the server's default timeout), is the session automatically invalidated? Or should we call setMaxInactiveInterval() instead? Or is calling session.invalidate() the only way to invalidate a session?

    Hello all,
    Both are same in terms of functionality, but if you use both of them like
    1: You specified the tag sessionTimeout and
    2: in your program the session.maxInactiveIntervalTime( value ) here if the value is(we gave it in terms of seconds like for 40 minutes we give 2400) then the program code will override the value previously set in web.xml
    Thanks
    Prabhakar

  • [Bug ?] ADFC-00008 again, after session.invalidate() in ADF BC application

    Hi all,
    We would like to know wheter session.invalidate() is supposed to be a valid operation in one Action JSF method, within one ADF BC Fusion Web application ?
    When our jsf page uses data controls based od ADF BC, and one of our action method uses
       session.invalidate();then action method executes as expeced, but any following action produces following problem (JDev 11 final):
    oracle.adf.controller.ControllerException: ADFC-00008: Failed to find DataControlFrame for a task flow.
         at oracle.adfinternal.controller.util.Utils.createAndLogControllerException(Utils.java:201)
         at oracle.adfinternal.controller.util.model.DCFrameImpl.makeCurrent(DCFrameImpl.java:126)
         at oracle.adfinternal.controller.state.ViewPortContextImpl.makeCurrent(ViewPortContextImpl.java:924)
         at oracle.adfinternal.controller.state.RequestState.setCurrentViewPortContext(RequestState.java:134)
         at oracle.adfinternal.controller.state.ControllerState.setRequestState(ControllerState.java:832)
         at oracle.adfinternal.controller.state.ControllerState.synchronizeStatePart1(ControllerState.java:361)
         at oracle.adfinternal.controller.application.SyncNavigationStateListener.beforePhase(SyncNavigationStateListener.java:89)
         at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.beforePhase(ADFLifecycleImpl.java:549)
         at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchBeforeEvent(LifecycleImpl.java:98)
         at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchBeforePagePhaseEvent(LifecycleImpl.java:145)
         at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchBeforePagePhaseEvent(ADFPhaseListener.java:110)
         at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.beforePhase(ADFPhaseListener.java:57)
         at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.beforePhase(ADFLifecyclePhaseListener.java:42)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:228)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:175)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:181)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:278)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:238)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:195)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:138)
         at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.security.jps.wls.JpsWlsFilter.doFilter(JpsWlsFilter.java:102)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:65)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3496)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(Unknown Source)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)- anyone wants test case which illustrates problem ? We have one based on Oracle fod/fusion demo schema...

    Cvele wrote:
    is this mean that session.invalidate() is not a valid operation in this situation ?
    Note that problem does not occur if application does not use ADF Business Components ...
    - so, can we forget about session.invalidate() when using ADF BC ?
    In this case, what is alternative; how, for example, notify application module instances that application should be connected to the another one dataSource ?
    Invalidating session solves this problem ....

  • Urgent!! Problem in using session invalidate()

    Dear all,
    I think may be the problem has been posted here before, but i can't find the solution yet. I hope you can help me about this.
    My case is that i wrote a logout servlet for my web site. So i use session.invalidate() in the servlet. After that it will redirect to the home page again. At this time, NullPointerException is thrown. I have tried many ways to solve this problem, but still failed.
    Can anyone help me? Thanks for advanced.
    Priscilla

    here is the error printed out:
    java.lang.NullPointerException
         at com.sssw.srv.http.CommonLogger.log(CommonLogger.java:217)
         at com.sssw.srv.http.httpd.log(httpd.java:4229)
         at com.sssw.srv.http.Client.log(Client.java:254)
         at com.sssw.srv.http.Client.loop(Client.java:1300)
         at com.sssw.srv.http.Client.runConnection(Client.java:1495)
         at com.sssw.srv.http.Client.run(Client.java:1442)
         at java.lang.Thread.run(Thread.java:479)

  • Urgent: session invalidate problem

    Guys:
    Has anyone had a issue with session.invalidate() using weblogic 8.1.
    we have vignette portal and weblogic 8.1.
    the problem i have noticed is session.getId retunrns a extra timestamp string in the end. And i am thinking since this changes the entire sessionid, it does not get invalidated. I tried adjusting the weblogic.xml's idlength session-param to 52 but this still happens after that. can anyone suggest any insights. i am unable to kill the session and hence the user is always logged in. the only way is to close to broswer window.

    here is the error printed out:
    java.lang.NullPointerException
         at com.sssw.srv.http.CommonLogger.log(CommonLogger.java:217)
         at com.sssw.srv.http.httpd.log(httpd.java:4229)
         at com.sssw.srv.http.Client.log(Client.java:254)
         at com.sssw.srv.http.Client.loop(Client.java:1300)
         at com.sssw.srv.http.Client.runConnection(Client.java:1495)
         at com.sssw.srv.http.Client.run(Client.java:1442)
         at java.lang.Thread.run(Thread.java:479)

Maybe you are looking for

  • SharePoint 2010 Web Analytics Reports Not Displaying Data

    Hi, I'm currently having some issue with the Web Analytics Reports. It had been working fine for the past 1 year and suddenly a few months back, the Web Analytics is not showing any data. Have already troubleshoot the issue using the Troubleshooting

  • Premiere Pro CC features not showing up

    I purchased a Creative Cloud membership today and was expecting the version of Premiere Pro to be different, particularly to have the feature that syncs audio in multpiple clips, but the software appears to be exactly the same. Are those new features

  • Using JNLP with Netbeans on Mac OSX

    I am trying to get an idea on JNLP by running locally from folder before I start using it with web server. Therefore its a new-bie question. I have a jar file in "netbeansProjectFolder/dist" folder along with library folders. I created a jnlp file in

  • Vsm-adf.jar and vsm-bc4j.jar are same ??

    I donwloaded the sample code for Vsm-adf.jar and vsm-bc4j.jar . But both looks similar. Anybody got any clue Please let me know

  • Keynote 6.0 print changes

    Keynote 6.0 substantially changes the printing options from 5.3.  Can we somehow get the "add borders around slides" option back and use the version 5.3 print borders.?  The new borders are huge.