Session.invalidate & session.removeAttribute()

hi,
i need a clarification....does session.invalidate() also remeove all the attributes and their values or do i need an explicit session.removeAttribute("var_name") ??????????
if i use session.removeAttribute i get cannot resolve symbol at compile time!
thank u,
ashna

check out,
1. maybe you are trying to run removeAttribute, AFTER invalidate().
2. you have given wrong name as argument to removeAttribute().
just call invalidate(), you dont need to call removeAttribute().

Similar Messages

  • Issue with session.invalidate() in OC4J

    Ok, here's the thing- I've got a servlet that autogenerates
    pages to the client via XSL; so far so good. However whenever
    the login page is displayed, we would like to "logout" the
    current user if there is one and start fresh, as it were. All of
    our persistent data is stored via the user's session object so
    we are doing something like this:
    public void doGet( HttpServletRequest request) {
    HttpSession session = request.getSession();
    // Some misc. stuff happens here;
    // Nothing is written to the session, however
    if ( page == LOGIN_PAGE) {
    session.invalidate();
    session = request.getSession();
    String info = session.getAttribute( "INFO");
    As soon as we request the attribute, after performing the
    session invalidation & re-obtaining a new session the system
    bails with an IllegalStateException: Session invalidated
    exception.
    Note that the exact same code works under the Sun Reference
    Implementation (Apache Groups Tomcat 4.0) and is pretty much
    verbatim from Jason Hunter's book Java Servlet Programming 2nd
    Edition pg. 220.
    Any ideas for a fix and/or workaround?

    Hi
    This works, here is a sample I've run on OC4J
    public class SessionTestServlet extends HttpServlet
    private static final String CONTENT_TYPE = "text/html";
    HttpSession sess = null;
    private static boolean login_page = true;
    public void init(ServletConfig config) throws ServletException
    super.init(config);
    public void doGet(HttpServletRequest request,
    HttpServletResponse response) throws ServletException,
    IOException
    sess = request.getSession(true);
    try
    if (login_page)
    if(sess != null)
    sess.invalidate();
    sess = request.getSession(true);
    sess.setAttribute("name","kalle");
    catch(Exception e)
    e.printStackTrace();
    response.setContentType(CONTENT_TYPE);
    PrintWriter out = response.getWriter();
    out.println("<html>");
    out.println
    ("<head><title>SessionTestServlet</title></head>");
    out.println("<body>");
    out.println("<p>Session: "+ sess+"<p>Name: "+
    sess.getAttribute("name"));
    out.println("</body></html>");
    out.close();
    Regards
    //Mike

  • Session.removeAttribute and session.invalidate

    I pass a scoped object from one JSP #1 to JSP #2 in a session.
    In JSP #1, I did:
           <c:set var="cr" value="${articleForm.creator}" scope="session"/>In JSP #2, I did:
          <bean:define id="author" name="cr" scope="session" type="java.lang.String"/>
          <html:text property="receiver" value="<%=author%>" size="82" maxlength="25" tabindex="1"/>Immediately after I output the value, I want to remove the object from the session. I have two questions:
    1. which one of the following should I do:
           session.removeAttribute( "cr" );or
           session.removerAttribute( "author" );or
           session.removeAttribute( "receiver" );2. Do I have to invalidate the session; i.e. session.invalidate(); after all the objects in the session are removed?

    I pass a scoped object from one JSP #1 to JSP #2 in a session.
    In JSP #1, I did:
           <c:set var="cr" value="${articleForm.creator}" scope="session"/>In JSP #2, I did:
          <bean:define id="author" name="cr" scope="session" type="java.lang.String"/>      <html:text property="receiver" value="<%=author%>" size="82" maxlength="25" tabindex="1"/>Immediately after I output the value, I want to remove the object from the session. Which one of the following should I do:
           session.removeAttribute( "cr" );or
           session.removerAttribute( "author" );or
           session.removeAttribute( "receiver" );

  • Invalidate session with weblogic.Admin

    Hi,
    I tried to invalidate sessions using weblogic.Admin using the command: java weblogic.Admin -url t3://localhost:8013 -username system -password *** GET -pretty -type ServletSessionRuntime. The output was:
    MBeanName: "R3:Location=PIA,Name=B0lYRDnVqlw1VzPZO1XszSFlIASW017b!1102341400731,ServerRuntime=PIA,Type=ServletSessionRuntime"
    CachingDisabled: true
    MainAttribute: [email protected]/ps
    Name: B0lYRDnVqlw1VzPZO1XszSFlIASW017b!1102341400731
    ObjectName: B0lYRDnVqlw1VzPZO1XszSFlIASW017b!1102341400731
    Parent: PIA
    Registered: true
    TimeLastAccessed: 1102341410448
    Type: ServletSessionRuntime
    Then tried to invalidate it using:
    java weblogic.Admin -url t3://localhost:8013 -username system -password *** INVOKE -mbean "R3:Location=PIA,Name=B0lYRDnVqlw1VzPZO1XszSFlIASW017b!1102341400731,ServerRuntime=PIA,Type=ServletSessionRuntime" -method INVALIDATE
    ANd the error message: bash: !1102341400731: event not found
    Do you know how to handle this? Or any other way to invalidate session from weblogic.Admin?
    WLS 8.1 SP1
    Regards
    Tomi

    Hello,
    I have a system consisting of three different departments, each department has its own login page with different username and password.
    from the same browser, all three administrators can log in successfully, during there login, one session is created with different attributes for each of them, if any one administrator logs out, I invalidate the session, which logs out the other two administrators.
    Can I use session Id to log out on administrator while the other two can stay logs in?
    If I am using the wrong approach all together, can anyone suggest an alternative please?
    here is my code to create session:
    // if correct username and password entered then create session
    String financeAdminSess = adminUsername;
    session.setAttribute("financeAdminSess", adminUsername);                                        
    String redirectURL = "finance_admin_home.jsp";
    response.sendRedirect(redirectURL);
    and here is the code for loggin out:
    // get session
    String financeAdminSess=(String) session.getAttribute("financeAdminSess");
    // remove session
    session.removeAttribute("financeAdminSess<br />");
    // invalidate session
    session.invalidate();
    Any suggestion would be much appreciated.
    Thanks
    Shaxo

  • Invalidate session with specific sessionId

    Hi there,
    Is it possible to invalidate session with specific sessionId?
    Thanks.

    Hello,
    I have a system consisting of three different departments, each department has its own login page with different username and password.
    from the same browser, all three administrators can log in successfully, during there login, one session is created with different attributes for each of them, if any one administrator logs out, I invalidate the session, which logs out the other two administrators.
    Can I use session Id to log out on administrator while the other two can stay logs in?
    If I am using the wrong approach all together, can anyone suggest an alternative please?
    here is my code to create session:
    // if correct username and password entered then create session
    String financeAdminSess = adminUsername;
    session.setAttribute("financeAdminSess", adminUsername);                                        
    String redirectURL = "finance_admin_home.jsp";
    response.sendRedirect(redirectURL);
    and here is the code for loggin out:
    // get session
    String financeAdminSess=(String) session.getAttribute("financeAdminSess");
    // remove session
    session.removeAttribute("financeAdminSess<br />");
    // invalidate session
    session.invalidate();
    Any suggestion would be much appreciated.
    Thanks
    Shaxo

  • Session.invalidate() result ?

    Hello All,
    Can someone please help me on this doubt.
    When i call session.invalidate() in my servlet.
    And suppose i have a class implementing HttpSessionBindingListener,
    And also class implementing the HttpSessionListener,
    What will be the order of calling for
    vallueUnbound() and sessionDestroyed() in this case.
    And also when i just call a session.removeAttribute() for the object of class implementing HttpSessionBindingListener,
    is the vallueUnbound() callled on the object before the container removes the object or after it has been removed?
    Please advise.
    Thanks

    What will be the order of calling for vallueUnbound() and sessionDestroyed() in this case.Depends on the server. For example tomcat 5 as I recall did it in the wrong order while Tomcat 6 does valueUnbound() first. I think for any self respecting application server, you will get dependable results, meaning valueUnbound() is called first.
    And also when i just call a session.removeAttribute() for the object of class implementing HttpSessionBindingListener,
    is the vallueUnbound() callled on the object before the container removes the object or after it has been removed?
    Please advise.
    test it out. I can tell you right now that it will be called after the object is removed, but how can you be sure that I am not making it up? Create a simple test case and see what happens, it shouldn't take you more time than it took you to post this message.

  • Session invalidate or removing attribute

    what is the difference between session invalidate and removing the session attribute?

    Hi,
    Think of a session as a chalkboard, and different requests from the same user can use the chalkboard to post information for subsequent requests to see. Suppose you use session.setAttribute() to write two pieces of information on the session chalkboard, say, the user's name and credit card number. If you call session.removeAttribute(creditCard), then the credit card number will be erased from the session chalkboard. However, the user's name will still be written on the session chalkboard for subsequent requests to see. Subsequent requests from the same user can also post new information on the session chalkboard.
    On the other hand, if you call session.invalidate(), that's like having a janitor rip the session chalkboard off the wall, break it over his knee, and dispose of it in the nearest dumpster. After that, requests can no longer see the user's name written on the chalkboard, and the requests do not have a session chalkboard to post additional information.

  • Is it possible to invalidate session when I click my browsers back button

    Hai
    I have a question.
    I am building a jsp page with multiple forms.As of now,
    no login system has been implemented.
    I need my session to time out when the client click on the back
    button on the browser to prevent data corruption.
    Is there a possible way to do this in Java/ Script
    I know the use of session.invalidate() but how to tie it up to the
    browser's back button
    A second problem
    If I use session.invalidate() on Tomcat 3.2
    I find that it is not invalidated.But this same function on tomcat 4
    doesn't have any problem
    Could anyone help on these issues
    Thanks

    You don't mean you want to invalidate session every time you move to a new page, do you? If you do, after implementation of login system the users will be asked for passwords at each page. If you don't, it's better to use headers for your response.
    response.setHeader("Cache-Control", "no-cache");
    response.setHeader("Expires", "-1");

  • Session timeout and session.invalidate() -- are they the same?

    I was just wondering when a session timeout occurs (either by setting the session-timeout in web.xml or the server's default timeout), is the session automatically invalidated? Or should we call setMaxInactiveInterval() instead? Or is calling session.invalidate() the only way to invalidate a session?

    Hello all,
    Both are same in terms of functionality, but if you use both of them like
    1: You specified the tag sessionTimeout and
    2: in your program the session.maxInactiveIntervalTime( value ) here if the value is(we gave it in terms of seconds like for 40 minutes we give 2400) then the program code will override the value previously set in web.xml
    Thanks
    Prabhakar

  • Session.invalidate works on tomcat but not in WebSphere Server

    I'm trying to figure out a .jsp written by another developer in WS Studio.
    The page does this:
    session = request.getSession(false);
    session.setMaxInactiveInterval(5);
    then almost immediately, does this:
    session.invalidate();
    In Tomcat, I get the "session already invalidated" error message I would expect. However, In WS Server, the rest on the page loads, and I can continue to interact with the application. I'm using IE 6.0, sp2.
    The "session.setMaxInactiveInterval(5);" call seems to have no effect in either container; al least, the application never times out.
    The most important thing for my purposes is to be able to invalidate the session in websphere. How can I fix this? Thanks!

    duffymo wrote:
    Is the machine that you ran this simple java class on the same one where you're >deploying the web app?Same machine where my sql connections bug. I just copypasted it into a file in tomcat5.5/webapps directory and then compiled it and used it from there. I used it from command line.
    duffymo wrote:
    how well do you know jsps, tomcat, and web apps? sure it's deployed properly? if you >put in a simple jsp and invoked it via tomcat, would you be able to do it?Dont know jsps well. :) Essentially my jspservlet thingie works normally on my computer through my tomcat and on other computers which have netbeans etc... It compiles .war file and ive copied that .war file to the target server's tomcat webapps directory, then when I access the website of my jspservlet tomcat unpacks it and shows my jsp pages normally if they have no sql components. So at least jsp pages are working... :)
    "minor modifications"? sure those are right? you wouldn't be the first programmer to fool >themselves by saying "it's the same code - except for X."
    try you "minor modifications" on the command line, too.First I used with main on command line, then removed main etc... and included it into my project.

  • ViewExpiredException issue with session invalidate on IE9

    Hi guys,
    I have posted this on the ADF forum as well as I'm not sure of the root cause is JHeadstart related or not - but I thought I would check also here to see if anyone else has encountered this ...
    I'm using JDeveloper 11.1.1.6 (JHeadstart 11.1.1.4.26) and having problems when calling "session.invalidate();" with my custom JhsAuthenticationFilter. If i log on and immediately log out (so no web.xml timeout which is set to 25 min) - The message shown on screen is
    "Because of inactivity, your session is timed out and is no longer active. Click on OK to reload the page"
    In the log files, the following error is thrown
    <BindingContext> <put> [3126] Replacing: null with: XXXXX_UIShellPageDef
    <StateManagerImpl> <restoreView> Could not find saved view state for token -a6jozll3a
    <LifecycleImpl> <_handleException> ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RESTORE_VIEW 1
    javax.faces.application.ViewExpiredException: viewId:/pages/UIShell.jspx - ADF_FACES-30107:The view state of the page has expired.  Reload the page.
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._restoreView(LifecycleImpl.java:751)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:374)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:194)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
         at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
         at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at hmdclinical.pulse.view.PulseAuthenticationFilter.doFilter(PulseAuthenticationFilter.java:273)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
         at java.security.AccessController.doPrivileged(Native Method)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
         at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
         at java.security.AccessController.doPrivileged(Native Method)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
         at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    <ADFLogger> <addContextData> Execute queryI have the web.xml parameter org.apache.myfaces.trinidad.CLIENT_STATE_MAX_TOKENS set to 15.
    This ONLY happens when using IE9 - using Firefox or Chrome it's not a problem. I'm guessing something is trying to access the page def after the token for the view has already been removed as part of the session.invalidate() ?
    How can I find out what the root cause is and why is this only a problem with IE and not Chrome or Firefox ?
    Any help greatly appreciated !!
    Cheers,
    Brent

    Brent,
    I think it is best to make a very simple testcase without JHeadstart (you can cust and paste code from the jhs auth fillter as needed) and then attach your testcase to the post on JDev forum, or copntact Oracle support.
    Looks like a browser-specific ADF bug to me.
    Steven Davelaar,
    JHeadstart Team.

  • How to invalidate session in JSP?

    I am new to web development.
    I have tried to invalidate a session with session.invalidate() but this does not seem to have invalidated the session. Any Help Please??

    please elaborate on your problem,
    session.invalidate(false) should work..false means, if there is a session, invalidate, if not..DONT create one...

  • [Bug ?] ADFC-00008 again, after session.invalidate() in ADF BC application

    Hi all,
    We would like to know wheter session.invalidate() is supposed to be a valid operation in one Action JSF method, within one ADF BC Fusion Web application ?
    When our jsf page uses data controls based od ADF BC, and one of our action method uses
       session.invalidate();then action method executes as expeced, but any following action produces following problem (JDev 11 final):
    oracle.adf.controller.ControllerException: ADFC-00008: Failed to find DataControlFrame for a task flow.
         at oracle.adfinternal.controller.util.Utils.createAndLogControllerException(Utils.java:201)
         at oracle.adfinternal.controller.util.model.DCFrameImpl.makeCurrent(DCFrameImpl.java:126)
         at oracle.adfinternal.controller.state.ViewPortContextImpl.makeCurrent(ViewPortContextImpl.java:924)
         at oracle.adfinternal.controller.state.RequestState.setCurrentViewPortContext(RequestState.java:134)
         at oracle.adfinternal.controller.state.ControllerState.setRequestState(ControllerState.java:832)
         at oracle.adfinternal.controller.state.ControllerState.synchronizeStatePart1(ControllerState.java:361)
         at oracle.adfinternal.controller.application.SyncNavigationStateListener.beforePhase(SyncNavigationStateListener.java:89)
         at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.beforePhase(ADFLifecycleImpl.java:549)
         at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchBeforeEvent(LifecycleImpl.java:98)
         at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchBeforePagePhaseEvent(LifecycleImpl.java:145)
         at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchBeforePagePhaseEvent(ADFPhaseListener.java:110)
         at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.beforePhase(ADFPhaseListener.java:57)
         at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.beforePhase(ADFLifecyclePhaseListener.java:42)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:228)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:175)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:181)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:278)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:238)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:195)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:138)
         at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.security.jps.wls.JpsWlsFilter.doFilter(JpsWlsFilter.java:102)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:65)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3496)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(Unknown Source)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)- anyone wants test case which illustrates problem ? We have one based on Oracle fod/fusion demo schema...

    Cvele wrote:
    is this mean that session.invalidate() is not a valid operation in this situation ?
    Note that problem does not occur if application does not use ADF Business Components ...
    - so, can we forget about session.invalidate() when using ADF BC ?
    In this case, what is alternative; how, for example, notify application module instances that application should be connected to the another one dataSource ?
    Invalidating session solves this problem ....

  • Invalidate session in BlazeDS

    Hi!
    I need to integrate BlazeDS security with an external security mechanism so I have implemented custom authentication as described in http://livedocs.adobe.com/blazeds/1/blazeds_devguide/help.html?content=services_security_1 .html. Now I need to invalidate user authentication on server upon certain circunstances. When this happens, I invalidate Session contained in Request parameter of invoke method of TomcatValve. This seems to work but I get a nasty "Duplicated Http Session" in Flex client telling that cookies where removed in server. Is there any clear way to invalidate current user login from BlazeDS?
    I've also tried invalidating FlexSession but then Flex clients hangs.
    Thank you very much.
    Daniel.

    Ummm - isn't that exactly what a session timeout specifies?
    ie how long should it stick around before it "expires" and should be invalidated?
    You don't need to call session.invalidate() - it will do that all by itself.

  • Urgent!! Problem in using session invalidate()

    Dear all,
    I think may be the problem has been posted here before, but i can't find the solution yet. I hope you can help me about this.
    My case is that i wrote a logout servlet for my web site. So i use session.invalidate() in the servlet. After that it will redirect to the home page again. At this time, NullPointerException is thrown. I have tried many ways to solve this problem, but still failed.
    Can anyone help me? Thanks for advanced.
    Priscilla

    here is the error printed out:
    java.lang.NullPointerException
         at com.sssw.srv.http.CommonLogger.log(CommonLogger.java:217)
         at com.sssw.srv.http.httpd.log(httpd.java:4229)
         at com.sssw.srv.http.Client.log(Client.java:254)
         at com.sssw.srv.http.Client.loop(Client.java:1300)
         at com.sssw.srv.http.Client.runConnection(Client.java:1495)
         at com.sssw.srv.http.Client.run(Client.java:1442)
         at java.lang.Thread.run(Thread.java:479)

Maybe you are looking for