Date: Fri, 13 Dec 2002 17:35:18 -0800
From: Jeff Wishnie <je...@deluxebiz.com>
Reply-To: Tomcat Users List <tomc...@jakarta.apache.org>
To: Tomcat Users List <tomc...@jakarta.apache.org>
Subject: HttpSessionListern BUG in 4.1.12 ! ?!
It appears the session object in the SessionEvent passed into HttpSessionListener.sessionCreated and
HttpSessionListener.sessionDestroyed is the session _facade_ org.apache.catalina.session.StandardSessionFacade
But the one passed into HttpSessionAttributeListener is the actual session object (StandardSession)--which makes it very hard to do
identity tests between the sessions passed into the two sets of interfaces....
Is this a known bug???
I assume the proper implementation is for the container to always pass
in the StandardSession and _not_ the facade. Is this correct?
Actually, it would be the other way around -- the facade should always be
passed. The reason for having a facade is to prevent webapps from using
Java reflection to access internals of the container's implemewntation
As another responder points out, trying to use object identity for your
scenario isn't going to be portable (even to different versions of a
container where it might work the first time) -- match on session id
To unsubscribe, e-mail: <mailto:tomc...@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomc...@jakarta.apache.org>