Quantcast

Do i need to manually create a new session?

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Do i need to manually create a new session?

marcopas
Hi there,

i am learning bit by bit and am wondering how to solve this little puzzle.
When implementing a loginUser method, i get an
"java.lang.IllegalStateException: getAttribute: Session already
invalidated" error.

This error occurs when i want to reenter the 'login-page' and try to
login with a different user.
The method checks if there is already a user which is logged in and if
so, the session in invalidated.

So the code line '_session.user = user' will give problems when i have
invalidated the session,
do i have to manually create a new session or am i tackling the
problem in a wrong way?

        Boolean loginUser(def _session, User user) {
                if(isUserLoggedIn(_session)) {
                        _session.invalidate()
                }
                if(user) {
                        _session.user = user
                }
                return isUserLoggedIn(_session)
        }

Greetings Marco

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Do i need to manually create a new session?

ld@ldaley.com

On 22/03/2011, at 7:13 PM, Marco Pas wrote:

> Hi there,
>
> i am learning bit by bit and am wondering how to solve this little puzzle.
> When implementing a loginUser method, i get an
> "java.lang.IllegalStateException: getAttribute: Session already
> invalidated" error.
>
> This error occurs when i want to reenter the 'login-page' and try to
> login with a different user.
> The method checks if there is already a user which is logged in and if
> so, the session in invalidated.
>
> So the code line '_session.user = user' will give problems when i have
> invalidated the session,
> do i have to manually create a new session or am i tackling the
> problem in a wrong way?
>
> Boolean loginUser(def _session, User user) {
> if(isUserLoggedIn(_session)) {
> _session.invalidate()
> }
> if(user) {
> _session.user = user
> }
> return isUserLoggedIn(_session)
> }

You will need to create a new one from the request, i.e. request.session.user = user.

btw, Boolean loginUser(def _session, User user) should be Boolean loginUser(_session, User user) according to the “official” Groovy style. You should only use “def” where it's absolutely needed.
---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Do i need to manually create a new session?

marcopas
Thanks for pointing me out! Learning again every day!

When i execute this little piece of code inside a controller action,

def performLogin = {
    session.invalidate()
    request.getSession(true);
    // or something like request.session.dummyvar = "1"
    println session
    redirect(action: 'login')
}

I still get an exception telling me

Stacktrace follows:
java.lang.IllegalStateException: getAttributeNames: Session already invalidated
        at econtact.UserController$_closure3.doCall(UserController.groovy:20)
        at econtact.UserController$_closure3.doCall(UserController.groovy)
        at java.lang.Thread.run(Thread.java:680)
2011-03-23 08:12:28,445 [http-8080-5] ERROR
servlet.GrailsDispatcherServlet  - HandlerInterceptor.afterCompletion
threw exception
java.lang.IllegalStateException: getAttribute: Session already invalidated
        at econtact.UtilFilters$_closure1_closure2_closure5.doCall(UtilFilters.groovy:20)
        at java.lang.Thread.run(Thread.java:680)

I think that i have invalidated the session, but it seems that i am
doing something wrong in creating a new session.
Any hints?

Greetings Marco

2011/3/23 Luke Daley <[hidden email]>:

>
> On 22/03/2011, at 7:13 PM, Marco Pas wrote:
>
>> Hi there,
>>
>> i am learning bit by bit and am wondering how to solve this little puzzle.
>> When implementing a loginUser method, i get an
>> "java.lang.IllegalStateException: getAttribute: Session already
>> invalidated" error.
>>
>> This error occurs when i want to reenter the 'login-page' and try to
>> login with a different user.
>> The method checks if there is already a user which is logged in and if
>> so, the session in invalidated.
>>
>> So the code line '_session.user = user' will give problems when i have
>> invalidated the session,
>> do i have to manually create a new session or am i tackling the
>> problem in a wrong way?
>>
>>       Boolean loginUser(def _session, User user) {
>>               if(isUserLoggedIn(_session)) {
>>                       _session.invalidate()
>>               }
>>               if(user) {
>>                       _session.user = user
>>               }
>>               return isUserLoggedIn(_session)
>>       }
>
> You will need to create a new one from the request, i.e. request.session.user = user.
>
> btw, Boolean loginUser(def _session, User user) should be Boolean loginUser(_session, User user) according to the “official” Groovy style. You should only use “def” where it's absolutely needed.
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Do i need to manually create a new session?

ld@ldaley.com
Follow me through the wonders of Grails…

The magic “session” variable that is implemented on controllers is implemented here:

https://github.com/grails/grails-core/blob/1.3.x/src/java/org/codehaus/groovy/grails/web/plugins/support/WebMetaUtils.groovy#L211

That “RCH.currentRequestAttributes()” methods equates to an instance of GrailsWebRequest. The getSession() method on this guy looks like…

https://github.com/grails/grails-core/blob/1.3.x/src/java/org/codehaus/groovy/grails/web/servlet/mvc/GrailsWebRequest.java#L178

See the problem?

This is always going to return the old invalidated session.

The solution will be to try and redirect as soon as you invalidate the session. If you absolutely must access the new session after invalidating and in the same request, you have to use request.session.

On 23/03/2011, at 5:18 PM, Marco Pas wrote:

> Thanks for pointing me out! Learning again every day!
>
> When i execute this little piece of code inside a controller action,
>
> def performLogin = {
>    session.invalidate()
>    request.getSession(true);
>    // or something like request.session.dummyvar = "1"
>    println session
>    redirect(action: 'login')
> }
>
> I still get an exception telling me
>
> Stacktrace follows:
> java.lang.IllegalStateException: getAttributeNames: Session already invalidated
> at econtact.UserController$_closure3.doCall(UserController.groovy:20)
> at econtact.UserController$_closure3.doCall(UserController.groovy)
> at java.lang.Thread.run(Thread.java:680)
> 2011-03-23 08:12:28,445 [http-8080-5] ERROR
> servlet.GrailsDispatcherServlet  - HandlerInterceptor.afterCompletion
> threw exception
> java.lang.IllegalStateException: getAttribute: Session already invalidated
> at econtact.UtilFilters$_closure1_closure2_closure5.doCall(UtilFilters.groovy:20)
> at java.lang.Thread.run(Thread.java:680)
>
> I think that i have invalidated the session, but it seems that i am
> doing something wrong in creating a new session.
> Any hints?
>
> Greetings Marco
>
> 2011/3/23 Luke Daley <[hidden email]>:
>>
>> On 22/03/2011, at 7:13 PM, Marco Pas wrote:
>>
>>> Hi there,
>>>
>>> i am learning bit by bit and am wondering how to solve this little puzzle.
>>> When implementing a loginUser method, i get an
>>> "java.lang.IllegalStateException: getAttribute: Session already
>>> invalidated" error.
>>>
>>> This error occurs when i want to reenter the 'login-page' and try to
>>> login with a different user.
>>> The method checks if there is already a user which is logged in and if
>>> so, the session in invalidated.
>>>
>>> So the code line '_session.user = user' will give problems when i have
>>> invalidated the session,
>>> do i have to manually create a new session or am i tackling the
>>> problem in a wrong way?
>>>
>>>       Boolean loginUser(def _session, User user) {
>>>               if(isUserLoggedIn(_session)) {
>>>                       _session.invalidate()
>>>               }
>>>               if(user) {
>>>                       _session.user = user
>>>               }
>>>               return isUserLoggedIn(_session)
>>>       }
>>
>> You will need to create a new one from the request, i.e. request.session.user = user.
>>
>> btw, Boolean loginUser(def _session, User user) should be Boolean loginUser(_session, User user) according to the “official” Groovy style. You should only use “def” where it's absolutely needed.
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>    http://xircles.codehaus.org/manage_email
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>


---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Do i need to manually create a new session?

marcopas
So if i understand correctly, the implementation of the getSession()
method only returns a new session when there is no session (session
==null).

if (session == null) {
            session = new GrailsHttpSession(getCurrentRequest());
        }

If invalidate the session, this does not mean that there is no session
offcourse! So i will always the the old session.
Do i understand this correctly?

Then theoretically, if i want to invalidate() the current session and
provide a new one within the same request,
i will have to use request.session as you state. Can this be done in
the same controller method?

Just using request.session seems not to assign a new session, also
session = request.session complains offcourse that 'Cannot set
readonly property' ?

    def dummy = {
                session.invalidate()
                request.session
                redirect(action: 'login')
    }

Let me remark that the given examples are for learning purposes, i am
trying to learn the wonders of Grails ;)

Marco

2011/3/23 Luke Daley <[hidden email]>:

> Follow me through the wonders of Grails…
>
> The magic “session” variable that is implemented on controllers is implemented here:
>
> https://github.com/grails/grails-core/blob/1.3.x/src/java/org/codehaus/groovy/grails/web/plugins/support/WebMetaUtils.groovy#L211
>
> That “RCH.currentRequestAttributes()” methods equates to an instance of GrailsWebRequest. The getSession() method on this guy looks like…
>
> https://github.com/grails/grails-core/blob/1.3.x/src/java/org/codehaus/groovy/grails/web/servlet/mvc/GrailsWebRequest.java#L178
>
> See the problem?
>
> This is always going to return the old invalidated session.
>
> The solution will be to try and redirect as soon as you invalidate the session. If you absolutely must access the new session after invalidating and in the same request, you have to use request.session.
>
> On 23/03/2011, at 5:18 PM, Marco Pas wrote:
>
>> Thanks for pointing me out! Learning again every day!
>>
>> When i execute this little piece of code inside a controller action,
>>
>> def performLogin = {
>>    session.invalidate()
>>    request.getSession(true);
>>    // or something like request.session.dummyvar = "1"
>>    println session
>>    redirect(action: 'login')
>> }
>>
>> I still get an exception telling me
>>
>> Stacktrace follows:
>> java.lang.IllegalStateException: getAttributeNames: Session already invalidated
>>       at econtact.UserController$_closure3.doCall(UserController.groovy:20)
>>       at econtact.UserController$_closure3.doCall(UserController.groovy)
>>       at java.lang.Thread.run(Thread.java:680)
>> 2011-03-23 08:12:28,445 [http-8080-5] ERROR
>> servlet.GrailsDispatcherServlet  - HandlerInterceptor.afterCompletion
>> threw exception
>> java.lang.IllegalStateException: getAttribute: Session already invalidated
>>       at econtact.UtilFilters$_closure1_closure2_closure5.doCall(UtilFilters.groovy:20)
>>       at java.lang.Thread.run(Thread.java:680)
>>
>> I think that i have invalidated the session, but it seems that i am
>> doing something wrong in creating a new session.
>> Any hints?
>>
>> Greetings Marco
>>
>> 2011/3/23 Luke Daley <[hidden email]>:
>>>
>>> On 22/03/2011, at 7:13 PM, Marco Pas wrote:
>>>
>>>> Hi there,
>>>>
>>>> i am learning bit by bit and am wondering how to solve this little puzzle.
>>>> When implementing a loginUser method, i get an
>>>> "java.lang.IllegalStateException: getAttribute: Session already
>>>> invalidated" error.
>>>>
>>>> This error occurs when i want to reenter the 'login-page' and try to
>>>> login with a different user.
>>>> The method checks if there is already a user which is logged in and if
>>>> so, the session in invalidated.
>>>>
>>>> So the code line '_session.user = user' will give problems when i have
>>>> invalidated the session,
>>>> do i have to manually create a new session or am i tackling the
>>>> problem in a wrong way?
>>>>
>>>>       Boolean loginUser(def _session, User user) {
>>>>               if(isUserLoggedIn(_session)) {
>>>>                       _session.invalidate()
>>>>               }
>>>>               if(user) {
>>>>                       _session.user = user
>>>>               }
>>>>               return isUserLoggedIn(_session)
>>>>       }
>>>
>>> You will need to create a new one from the request, i.e. request.session.user = user.
>>>
>>> btw, Boolean loginUser(def _session, User user) should be Boolean loginUser(_session, User user) according to the “official” Groovy style. You should only use “def” where it's absolutely needed.
>>> ---------------------------------------------------------------------
>>> To unsubscribe from this list, please visit:
>>>
>>>    http://xircles.codehaus.org/manage_email
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>    http://xircles.codehaus.org/manage_email
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Loading...