[jboss-jira] [JBoss JIRA] Created: (JBPORTAL-2334) NullpointerExcption in SessionListener

NullpointerExcption in SessionListener -------------------------------------- Key: JBPORTAL-2334 URL: https://jira.jboss.org/jira/browse/JBPORTAL-2334 Project: JBoss Portal Issue Type: Bug Security Level: Public (Everyone can see) Components: Portal Server Affects Versions: 2.7.1 Final Environment: Windows XP, JBoss AS 4.2.3 GA Reporter: Thomas Schmidt Priority: Minor Our application has a security issue to invalidate the session on login. This invalidation is implemented in an webserver valve throught: req.getSession(true).invalidate(); Now, on login the Session will be destroyed. This starts the SessionListeners sessionDestroy method. The class org.jboss.portal.server.listener.SessionListener is implemented so, that after calling the context from session the context is not further validated. I think, this is a bug. In a listener you can not expected that somebody has stored a context in the session. a possible solution: Set<String> contexts = (Set<String>)arg0.getSession().getAttribute(KEY); if (context == null) { return; } -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira