isRequestedSessionIdValid() returning false


Web tier: servlets, JSP, Web frameworks: isRequestedSessionIdValid() returning false

  1. Hi All ,

    I'm facing the problem while invoking request.isRequestedSessionIdValid() . It is giving false. But it's not expected to do so.

    The web application has the form based login system. After logining thru the Logservlet redirects to another servlet(HomeServlet) which displays welcome message as well as a treelist for navigation. For this HomeServlet display two other servlets in frames. And upto this , I'm getting request.isRequestedSessionIdValid() true in each of the servlets. But whenever , some url in the treelist(navigation panel) is clicked, it invokes some servlet. And there I check for request.isRequestedSessionIdValid(). And to my surprise, I find it false. The session tracking is based on cookies and the same code is working in javawebserver2.0. I have made the timeout properties large enough.

    Can anybody pls help me? Any suggestion is welcome.

    Thanks and Regards,


  2. Is the invocation of the servlet from the TreeList through a POST or a GET request? You might wanna play with the:

    isRequestedSessionIdFromURL() and isRequestedSessionIdFromCookie()

    to see if there is a persistency in the way of how the HttpSession object is being handled.

    Are you using the version 2.3 of servlet.jar? If so, then you could employ the HttpSessionActivationListener to catch an unexpected event of passivating your session.

    Let us know how you resolve this one..

  3. The invocation from the treelist is by clicking url in the browser(get request).
    And I have tried to print,value of isRequestedSessionIdFromURL(),isRequestedSessionIdFromCookie also in servlets. before clicking the url in the treelist , 1st one is true and second one is false. But when I clicked the url and it goes to some other servlets, the all three values are false(including isRequestedSessionIdValid()). And currenly, I'm not using servlets 2.3, so I tried to check with binding listener, whether the session is expired or not. As the session will be expired, it will invoke unBound method of the object implementing listener. And this way I found, that session is not expired. So what may be the reason? Pls help me. Becaues right now this the bottle neck of the development. For information, same set of codes are running fine under javawebserver2.0. And more thing, isRequestedSessionIdValid() returns false when I first time log into the web appliaction using form based login and as a result some meassge is shown by my application, that session is invalid. So when I try to login second time using some different user(beacuse as the user has already previous user as already logged in), the isRequestedSessionIdValid() method gives true and everything goes fine. So what may be the reason?
  4. Can you post the code for firing the URL from the treelist, just to take a look?