Urgent: session invalidate problem

Similar Messages

• Urgent:Session swapping problem

  Hi,
  We have a peculiar problem. We are running a site using JSP. Session handling has been done.
  When 2 users log in simultanesouly from different machines into our site and do a transaction, the details of the users are getting swapped between the users. The details of user A are getting transferred to User B and vice versa after a page has been submitted.
  What might be a problem ?
  Pls help me out immedately.

  Hi,
  I had something similar, and in my case I had to set the isThreadSafe page property to false. Normally the JSP environment assumes that your jsp-files are 'Threadsafe'. But in your case I think they are not. When you put in your jsp-file the statement
  <%@ page isThreadSafe=false %>
  then the JSP environment will take care that your jsp-file becomes threadsafe. This should solve your problem.
  Sponiza

• Urgent!! Problem in using session invalidate()

  Dear all,
  I think may be the problem has been posted here before, but i can't find the solution yet. I hope you can help me about this.
  My case is that i wrote a logout servlet for my web site. So i use session.invalidate() in the servlet. After that it will redirect to the home page again. At this time, NullPointerException is thrown. I have tried many ways to solve this problem, but still failed.
  Can anyone help me? Thanks for advanced.
  Priscilla

  here is the error printed out:
  java.lang.NullPointerException
       at com.sssw.srv.http.CommonLogger.log(CommonLogger.java:217)
       at com.sssw.srv.http.httpd.log(httpd.java:4229)
       at com.sssw.srv.http.Client.log(Client.java:254)
       at com.sssw.srv.http.Client.loop(Client.java:1300)
       at com.sssw.srv.http.Client.runConnection(Client.java:1495)
       at com.sssw.srv.http.Client.run(Client.java:1442)
       at java.lang.Thread.run(Thread.java:479)

• ViewExpiredException issue with session invalidate on IE9

  Hi guys,
  I have posted this on the ADF forum as well as I'm not sure of the root cause is JHeadstart related or not - but I thought I would check also here to see if anyone else has encountered this ...
  I'm using JDeveloper 11.1.1.6 (JHeadstart 11.1.1.4.26) and having problems when calling "session.invalidate();" with my custom JhsAuthenticationFilter. If i log on and immediately log out (so no web.xml timeout which is set to 25 min) - The message shown on screen is
  "Because of inactivity, your session is timed out and is no longer active. Click on OK to reload the page"
  In the log files, the following error is thrown
  <BindingContext> <put> [3126] Replacing: null with: XXXXX_UIShellPageDef
  <StateManagerImpl> <restoreView> Could not find saved view state for token -a6jozll3a
  <LifecycleImpl> <_handleException> ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RESTORE_VIEW 1
  javax.faces.application.ViewExpiredException: viewId:/pages/UIShell.jspx - ADF_FACES-30107:The view state of the page has expired.  Reload the page.
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._restoreView(LifecycleImpl.java:751)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:374)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:194)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
       at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
       at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at hmdclinical.pulse.view.PulseAuthenticationFilter.doFilter(PulseAuthenticationFilter.java:273)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
       at java.security.AccessController.doPrivileged(Native Method)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
       at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
       at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
       at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
       at java.security.AccessController.doPrivileged(Native Method)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
       at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
       at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
       at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  <ADFLogger> <addContextData> Execute queryI have the web.xml parameter org.apache.myfaces.trinidad.CLIENT_STATE_MAX_TOKENS set to 15.
  This ONLY happens when using IE9 - using Firefox or Chrome it's not a problem. I'm guessing something is trying to access the page def after the token for the view has already been removed as part of the session.invalidate() ?
  How can I find out what the root cause is and why is this only a problem with IE and not Chrome or Firefox ?
  Any help greatly appreciated !!
  Cheers,
  Brent

  Brent,
  I think it is best to make a very simple testcase without JHeadstart (you can cust and paste code from the jhs auth fillter as needed) and then attach your testcase to the post on JDev forum, or copntact Oracle support.
  Looks like a browser-specific ADF bug to me.
  Steven Davelaar,
  JHeadstart Team.

• Session create problem in mysite....

  Hi developers,
  In my project when ever i am clik on sign out button. All session values distroy. But when ever i click on the BACK Button in Browser it shows all options regulary until page refresh. How can i solve this problem.
  This is my logout.jsp file
  <%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*" errorPage=""  %>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml">
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  <title>Untitled Document</title>
  </head>
  <body>
  <%
       session.removeAttribute("uname");
       session.invalidate();
       response.sendRedirect("http://www.dec1010.com/visitagain.jsp");     
  %>
  </body>
  </html>Thanking u
  with Regards
  sure..:)-

  when ever i
  am clik on sign out button. All session values
  distroy. But when ever i click on the BACK Button in
  Browser it shows all options regulary until page
  refresh. How can i solve this problem.The browser is caching the page.
  When you hit the back button on your browser, the browser is reading the data from the cache and not from the Http Session.
  When you use HttpSessions, it is a good practice to prevent browsers from caching your page.
  Caching mechanism is browser dependent and HTTP protocol version dependent , do some research on how you could prevent a page from being cached and add the code directly in the JSP page which you don't want to be cached.

• [Bug ?] ADFC-00008 again, after session.invalidate() in ADF BC application

  Hi all,
  We would like to know wheter session.invalidate() is supposed to be a valid operation in one Action JSF method, within one ADF BC Fusion Web application ?
  When our jsf page uses data controls based od ADF BC, and one of our action method uses
     session.invalidate();then action method executes as expeced, but any following action produces following problem (JDev 11 final):
  oracle.adf.controller.ControllerException: ADFC-00008: Failed to find DataControlFrame for a task flow.
       at oracle.adfinternal.controller.util.Utils.createAndLogControllerException(Utils.java:201)
       at oracle.adfinternal.controller.util.model.DCFrameImpl.makeCurrent(DCFrameImpl.java:126)
       at oracle.adfinternal.controller.state.ViewPortContextImpl.makeCurrent(ViewPortContextImpl.java:924)
       at oracle.adfinternal.controller.state.RequestState.setCurrentViewPortContext(RequestState.java:134)
       at oracle.adfinternal.controller.state.ControllerState.setRequestState(ControllerState.java:832)
       at oracle.adfinternal.controller.state.ControllerState.synchronizeStatePart1(ControllerState.java:361)
       at oracle.adfinternal.controller.application.SyncNavigationStateListener.beforePhase(SyncNavigationStateListener.java:89)
       at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.beforePhase(ADFLifecycleImpl.java:549)
       at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchBeforeEvent(LifecycleImpl.java:98)
       at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchBeforePagePhaseEvent(LifecycleImpl.java:145)
       at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchBeforePagePhaseEvent(ADFPhaseListener.java:110)
       at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.beforePhase(ADFPhaseListener.java:57)
       at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.beforePhase(ADFLifecyclePhaseListener.java:42)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:228)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:175)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
       at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:181)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
       at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:278)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:238)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:195)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:138)
       at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
       at oracle.security.jps.wls.JpsWlsFilter.doFilter(JpsWlsFilter.java:102)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:65)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3496)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(Unknown Source)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)- anyone wants test case which illustrates problem ? We have one based on Oracle fod/fusion demo schema...

  Cvele wrote:
  is this mean that session.invalidate() is not a valid operation in this situation ?
  Note that problem does not occur if application does not use ADF Business Components ...
  - so, can we forget about session.invalidate() when using ADF BC ?
  In this case, what is alternative; how, for example, notify application module instances that application should be connected to the another one dataSource ?
  Invalidating session solves this problem ....

• Web logic Session Invalidate

  hi,
  i developed j2ee code in eclipse and using tomcat server ver. 4.1. after completing the code, i uploaded the war file into web logic server. In weblogic server when i click on "LogOut" the server is also shutting down along with the page. but this is not happened with TOMCAT.
  my invalidation code is
  if (event.equals(Constant.EVENT_LOGOFF)) {
       /* invalidate the session and forward to logout url */
                                session.invalidate();
                                System.out.println("url logoff -> " + logoutUrl);
                                response.sendRedirect(logoutUrl);
  please tell me what could be the problem.
  thanks
  Ananda

  Hi,
  To set these values you can use "plan.xml" which is not part of your application physically. Only u need to have a weblogic.xml file in your application ....even it may be empty...because you can add the Tags functionality on the fly without editing your application.....
  Please refer to:
  http://jaysensharma.wordpress.com/2009/12/16/updating-cookiename-using-plan-xml/
  http://jaysensharma.wordpress.com/2009/11/29/shared-library-with-plan-xml/
  http://jaysensharma.wordpress.com/2010/03/24/changing-context-root-of-an-ear-app-using-plan-xml/
  Thanks
  Jay SenSharma

• Portlet question- session.invalidate()- with weblogic

  Guys:
  Has anyone had a issue with session.invalidate() using weblogic 8.1.
  we have vignette and weblogic 8.1.
  the problem i have noticed is session.getId retunrns a extra timestamp string in the end. And i am thinking since this changes the entire sessionid, it does not get invalidated. I tried adjusting the weblogic.xml's idlength session-param to 52 but this still happens after that. can anyone suggest any insights. i am unable to kill the session and hence the user is always logged in. the only way is to close to broswer window.
  session id:
  F1z2YTQMyD3Yy1Xs4VBHyq3M7LWVfYMnvWJgYLnrR3cPYnKL9NW9!-682555724!1170191618061
  any help will be appreciated..thanks.
  Harsh

  i havent gone to weblogic support yet. Want to check
  if anyone of us might have seen a similar issue.I haven't used weblogic in a while. I doubt many people here have. I would suggest you ask on a weblogic forum. This is a java forum.

• Does calling session.invalidate() also removes all the session attriutes?

  Hi,
  I want to know whether calling session.invalidate() also removes any objects in the session attributes.or we have to explicitly remove objects from the attributes.
  I want to know this because my application is having some memory related problems. In my application when a user logs in we put many String objects int the session using session.setAttribute.
  Now when the user logs out we call session.invalidate() .
  Will these String objects occupy memory (i.e. will they be garbage collected ) after I call session.invalidate() ?
  or
  I have to explicitly remove all the session attributes programmatically?
  Any assistance would be of great help.
  Thanks & Regards,
  Nirmal

  Sigh. The invalidate dereferences all attributes from the current session. If the object doesn't have any other references (servlets? filters? listeners? whatever) then it will be eligible for GC. The object i.e the String objects does'nt have any remaining references after I nullified the arrayList (which was the one and only refeferencing the String Objects).
  There isn't any servlet, filter, no other entity that is referencing the arraylist once the user's session is invalidated.
  But still when I take the heap dump I'm gettingt those String objects in the heap.........
  Once a user logs off we call his/her session.invalidate() and we don't want any of his/her arrayList (containing String objects) in the memory anymore.
  Please tell me according to you what should be done in order to get rid of the unwanted String objects in the heap, beside my silly lines of code.
  I've load tested the application using jmeter (say for 100 users) and for each of the users the String objects(contained in ArrayLIst) stored in the session are still available even though we called session.invalidate() for each of the user.
  This is a major concern for memory related problems that we people are facing here.
  Any help would be of great ......
  Thanks & Regards,
  Nirmal

• Session.removeAttribute and session.invalidate

  I pass a scoped object from one JSP #1 to JSP #2 in a session.
  In JSP #1, I did:
         <c:set var="cr" value="${articleForm.creator}" scope="session"/>In JSP #2, I did:
        <bean:define id="author" name="cr" scope="session" type="java.lang.String"/>
        <html:text property="receiver" value="<%=author%>" size="82" maxlength="25" tabindex="1"/>Immediately after I output the value, I want to remove the object from the session. I have two questions:
  1. which one of the following should I do:
         session.removeAttribute( "cr" );or
         session.removerAttribute( "author" );or
         session.removeAttribute( "receiver" );2. Do I have to invalidate the session; i.e. session.invalidate(); after all the objects in the session are removed?

  I pass a scoped object from one JSP #1 to JSP #2 in a session.
  In JSP #1, I did:
         <c:set var="cr" value="${articleForm.creator}" scope="session"/>In JSP #2, I did:
        <bean:define id="author" name="cr" scope="session" type="java.lang.String"/>      <html:text property="receiver" value="<%=author%>" size="82" maxlength="25" tabindex="1"/>Immediately after I output the value, I want to remove the object from the session. Which one of the following should I do:
         session.removeAttribute( "cr" );or
         session.removerAttribute( "author" );or
         session.removeAttribute( "receiver" );

• Session timeout and session.invalidate() -- are they the same?

  I was just wondering when a session timeout occurs (either by setting the session-timeout in web.xml or the server's default timeout), is the session automatically invalidated? Or should we call setMaxInactiveInterval() instead? Or is calling session.invalidate() the only way to invalidate a session?

  Hello all,
  Both are same in terms of functionality, but if you use both of them like
  1: You specified the tag sessionTimeout and
  2: in your program the session.maxInactiveIntervalTime( value ) here if the value is(we gave it in terms of seconds like for 40 minutes we give 2400) then the program code will override the value previously set in web.xml
  Thanks
  Prabhakar

• Session.invalidate works on tomcat but not in WebSphere Server

  I'm trying to figure out a .jsp written by another developer in WS Studio.
  The page does this:
  session = request.getSession(false);
  session.setMaxInactiveInterval(5);
  then almost immediately, does this:
  session.invalidate();
  In Tomcat, I get the "session already invalidated" error message I would expect. However, In WS Server, the rest on the page loads, and I can continue to interact with the application. I'm using IE 6.0, sp2.
  The "session.setMaxInactiveInterval(5);" call seems to have no effect in either container; al least, the application never times out.
  The most important thing for my purposes is to be able to invalidate the session in websphere. How can I fix this? Thanks!

  duffymo wrote:
  Is the machine that you ran this simple java class on the same one where you're >deploying the web app?Same machine where my sql connections bug. I just copypasted it into a file in tomcat5.5/webapps directory and then compiled it and used it from there. I used it from command line.
  duffymo wrote:
  how well do you know jsps, tomcat, and web apps? sure it's deployed properly? if you >put in a simple jsp and invoked it via tomcat, would you be able to do it?Dont know jsps well. :) Essentially my jspservlet thingie works normally on my computer through my tomcat and on other computers which have netbeans etc... It compiles .war file and ive copied that .war file to the target server's tomcat webapps directory, then when I access the website of my jspservlet tomcat unpacks it and shows my jsp pages normally if they have no sql components. So at least jsp pages are working... :)
  "minor modifications"? sure those are right? you wouldn't be the first programmer to fool >themselves by saying "it's the same code - except for X."
  try you "minor modifications" on the command line, too.First I used with main on command line, then removed main etc... and included it into my project.

• Issue with session.invalidate() in OC4J

  Ok, here's the thing- I've got a servlet that autogenerates
  pages to the client via XSL; so far so good. However whenever
  the login page is displayed, we would like to "logout" the
  current user if there is one and start fresh, as it were. All of
  our persistent data is stored via the user's session object so
  we are doing something like this:
  public void doGet( HttpServletRequest request) {
  HttpSession session = request.getSession();
  // Some misc. stuff happens here;
  // Nothing is written to the session, however
  if ( page == LOGIN_PAGE) {
  session.invalidate();
  session = request.getSession();
  String info = session.getAttribute( "INFO");
  As soon as we request the attribute, after performing the
  session invalidation & re-obtaining a new session the system
  bails with an IllegalStateException: Session invalidated
  exception.
  Note that the exact same code works under the Sun Reference
  Implementation (Apache Groups Tomcat 4.0) and is pretty much
  verbatim from Jason Hunter's book Java Servlet Programming 2nd
  Edition pg. 220.
  Any ideas for a fix and/or workaround?

  Hi
  This works, here is a sample I've run on OC4J
  public class SessionTestServlet extends HttpServlet
  private static final String CONTENT_TYPE = "text/html";
  HttpSession sess = null;
  private static boolean login_page = true;
  public void init(ServletConfig config) throws ServletException
  super.init(config);
  public void doGet(HttpServletRequest request,
  HttpServletResponse response) throws ServletException,
  IOException
  sess = request.getSession(true);
  try
  if (login_page)
  if(sess != null)
  sess.invalidate();
  sess = request.getSession(true);
  sess.setAttribute("name","kalle");
  catch(Exception e)
  e.printStackTrace();
  response.setContentType(CONTENT_TYPE);
  PrintWriter out = response.getWriter();
  out.println("<html>");
  out.println
  ("<head><title>SessionTestServlet</title></head>");
  out.println("<body>");
  out.println("<p>Session: "+ sess+"<p>Name: "+
  sess.getAttribute("name"));
  out.println("</body></html>");
  out.close();
  Regards
  //Mike

• Are beans also destroyed with session invalidate()?

  Hi,
  I have a login JSP which creates a new session and puts the username into it.
  My other JSP's also have page session=true, and each of them uses a bean. For example,
  <jsp:useBean id="transferbean" class="transactions.transferBean" scope="session"/>
  My logout JSP calls session.invalidate() and returns the user to the login page.
  My question is- does the session.invalidate() call also destroy the transferbean data? The user will not close his browser window after logging out- he may choose to log in again as a different user. Will he have a new transferbean created for him, or will the previous transferbean data persist?
  Thanks
  Luanne

  This is almost my case... I have a page called index.jsp which holds the session variables;
  <jsp:useBean id="ValidationBean" scope="session" class="com.nbdesigns.beans.nbstore.Validation" />
  <jsp:useBean id="OrderBean" scope="session" class="com.nbdesigns.beans.nbstore.Order" />If you start to shop, the orderbean holds your order. When you checkout you have to register or log in, in both cases the cart will be deleted.
  All pages are included in the index.jsp with the <%include page="" %> tag.
  Any ideas why the editing of values in validationbean causes the values in orderbean to be deleted?

• Session.invalidate exception

  FacesContext ctx = FacesContext.getCurrentInstance();
  ExternalContext ectx = ctx.getExternalContext();
  HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
  HttpServletRequest request = (HttpServletRequest)ectx.getRequest();
  HttpSession session = (HttpSession)ectx.getSession(false);
  if (session!=null) {
  try {
  session.invalidate();
  catch (Throwable th) {
  th.printStackTrace();
  if (response!=null) {
  response.sendRedirect("/asd/asda/asd.jspx");
  //request.getRequestDispatcher("").forward(request, response);
  if (ctx!=null) {
  ctx.responseComplete();
  I get this exception when I call session.invalidate .....not sure why??
  ## Detail 0 ##
  java.lang.NullPointerException
       at oracle.adf.share.http.HttpUtil.getAttribute(HttpUtil.java:98)
       at oracle.adf.share.http.HttpSessionScopeAdapter.get(HttpSessionScopeAdapter.java:240)
       at oracle.jbo.common.ampool.SessionCookieImpl.<init>(SessionCookieImpl.java:164)
       at oracle.jbo.http.HttpSessionCookieImpl.<init>(HttpSessionCookieImpl.java:133)
       at oracle.jbo.http.HttpSessionCookieImpl.<init>(HttpSessionCookieImpl.java:124)
       at oracle.jbo.http.HttpSessionCookieFactory.createSessionCookie(HttpSessionCookieFactory.java:131)
       at oracle.jbo.common.ampool.ApplicationPoolImpl.createSessionCookie(ApplicationPoolImpl.java:452)
       at oracle.adf.model.bc4j.DataControlFactoryImpl.findOrCreateSessionCookie(DataControlFactoryImpl.java:141)
       at oracle.adf.model.bc4j.DataControlFactoryImpl.createSession(DataControlFactoryImpl.java:222)
       at oracle.adf.model.binding.DCDataControlReference.getDataControl(DCDataControlReference.java:76)
       at oracle.adf.model.BindingContext.get(BindingContext.java:457)
       at oracle.adf.model.binding.DCUtil.findSpelObject(DCUtil.java:280)
       at oracle.adf.model.binding.DCUtil.findSpelObject(DCUtil.java:248)
       at oracle.adf.model.binding.DCUtil.findContextObject(DCUtil.java:383)
       at oracle.adf.model.binding.DCIteratorBinding.<init>(DCIteratorBinding.java:127)
       at oracle.jbo.uicli.binding.JUIteratorBinding.<init>(JUIteratorBinding.java:60)
       at oracle.jbo.uicli.binding.JUIteratorDef.createIterBinding(JUIteratorDef.java:87)
       at oracle.jbo.uicli.binding.JUIteratorDef.createIterBinding(JUIteratorDef.java:51)
       at oracle.adf.model.binding.DCIteratorBindingDef.createExecutableBinding(DCIteratorBindingDef.java:277)
       at oracle.adf.model.binding.DCBindingContainerDef.createExecutables(DCBindingContainerDef.java:296)
       at oracle.adf.model.binding.DCBindingContainerDef.createBindingContainer(DCBindingContainerDef.java:425)
       at oracle.adf.model.binding.DCBindingContainerReference.createBindingContainer(DCBindingContainerReference.java:54)
       at oracle.adf.model.binding.DCBindingContainerReference.getBindingContainer(DCBindingContainerReference.java:44)
       at oracle.adf.model.BindingContext.get(BindingContext.java:483)
       at oracle.adf.model.binding.DCBindingContainer.release(DCBindingContainer.java:1913)
       at oracle.adf.model.binding.DCDataControl.release(DCDataControl.java:1551)
       at oracle.adf.model.bc4j.DCJboDataControl.release(DCJboDataControl.java:468)
       at oracle.adf.model.binding.DCDataControl.release(DCDataControl.java:1482)
       at oracle.adf.model.BindingContext.release(BindingContext.java:270)
       at oracle.adf.model.servlet.HttpBindingContext.valueUnbound(HttpBindingContext.java:36)
       at com.evermind.server.http.EvermindHttpSession.destroy(EvermindHttpSession.java:454)
       at com.evermind.server.http.HttpApplication.invalidateSession(HttpApplication.java:871)
       at com.evermind.server.http.EvermindHttpSession.invalidate(EvermindHttpSession.java:396)
       at mycode.SecurityBacking.logoutAction(SecurityBacking.java:387)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at com.sun.faces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:146)
       at oracle.adf.view.faces.component.UIXComponentBase.__broadcast(UIXComponentBase.java:1087)
       at oracle.adf.view.faces.component.UIXCommand.broadcast(UIXCommand.java:204)
       at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:287)
       at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:401)
       at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:95)
       at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:245)
       at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:110)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:213)
       at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
       at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl._invokeDoFilter(AdfFacesFilterImpl.java:228)
       at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl._doFilterImpl(AdfFacesFilterImpl.java:197)
       at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl.doFilter(AdfFacesFilterImpl.java:123)
       at oracle.adf.view.faces.webapp.AdfFacesFilter.doFilter(AdfFacesFilter.java:103)
       at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)
       at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:162)
       at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)
       at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)
       at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)
       at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)
       at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:221)
       at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:122)
       at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:111)
       at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
       at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:239)
       at oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHandler.java:34)
       at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:880)
       at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)

  java.lang.NullPointerException     at oracle.adf.share.http.HttpUtil.getAttribute(HttpUtil.java:98)     at oracle.adf.share.http.HttpSessionScopeAdapter.get(HttpSessionScopeAdapter.java:240)     at oracle.adf.model.BindingRequestHandler.beginRequest(BindingRequestHandler.java:127)     at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:161)     at com.evermind[Oracle Containers for J2EE 10g (10.1.3.3.0) ].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)     at com.evermind[Oracle Containers for J2EE 10g (10.1.3.3.0) ].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)     at com.evermind[Oracle Containers for J2EE 10g (10.1.3.3.0) ].server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)     at com.evermind[Oracle Containers for J2EE 10g (10.1.3.3.0) ].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)     at com.evermind[Oracle Containers for J2EE 10g (10.1.3.3.0) ].server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:221)     at com.evermind[Oracle Containers for J2EE 10g (10.1.3.3.0) ].server.http.HttpRequestHandler.run(HttpRequestHandler.java:122)     at com.evermind[Oracle Containers for J2EE 10g (10.1.3.3.0) ].server.http.HttpRequestHandler.run(HttpRequestHandler.java:111)     at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)     at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:239)     at oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHandler.java:34)     at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:880)     at com.evermind[Oracle Containers for J2EE 10g (10.1.3.3.0) ].util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:298)     at java.lang.Thread.run(Thread.java:595)