WAS6.1 - session.getAttribute( xxx) throwing a null pointer exception!
nara...@vwebsol.com
=========================
java.lang.NullPointerException
at java.util.Hashtable.get(Hashtable.java:481)
at com.ibm.ws.webcontainer.srt.SRTRequestContext.getSession(SRTRequestContext.java:76)
at com.ibm.ws.webcontainer.srt.SRTServletRequest.getSession(SRTServletRequest.java:1239)
at com.ibm.ws.webcontainer.srt.SRTServletRequest.getSession(SRTServletRequest.java:1226)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:268)
at com.ema.appfw.ui.web.AbstractMultiActionController.getUserSession(AbstractMultiActionController.java:37)
===========================
The issue remains even if you request a new session (request.getSession(true)). Below is the java code.
if(request.getSession() != null) {
if(request.getSession().getAttributeNames() != null && request.getSession().getAttributeNames().hasMoreElements())
//get userSessionToken from Session
userSession = (UserSession)request.getSession().getAttribute( AppConstants.USER_SESSION );
}
The issue occurs quite consistently on few requests after a little working with the application. In the sense, the user logs in, performs operation1, goes ahead to perform few other operations and then when he comes back to operation1 link, he gets the above null pointer. It occurs with just single user session.
Can anyone throw some light on the issue? Am I missing something in the application code or Websphere setting?
Thanks in advance.
Paul Ilechko
WAG - you're going from a protected to an unprotected page, and no
longer have access to a secure session.
Ken Hygh
WAG 2: the variable 'request' is declared in object scope, and isn't
thread safe.
Ken
nara...@vwebsol.com
>>longer have access to a secure session.
The security server we have intercepts every request to the server, validates and only then forwards the request to the application layer.
From the logs, we defintely are in the secure zone still. Added to this, the above issue occurs for links which had worked just a min back.
Its like the session attributelist was recreated or something. Also even more importantly it is an error in the Hashtable class, which also means
that the map stored at the session level is not null, but some other logic has failed in the internals of the Hashtable class?
>>WAG 2: the variable 'request' is declared in object scope, and isn't
>>thread safe.
>>Ken
I tried making the method where the above code is executed as synchronized, but it has not helped.
Paul Ilechko
>>> WAG - you're going from a protected to an unprotected page, and no
>>> longer have access to a secure session.
>
> The security server we have intercepts every request to the server, validates and only then forwards the request to the application layer.
> From the logs, we defintely are in the secure zone still. Added to this, the above issue occurs for links which had worked just a min back.
> Its like the session attributelist was recreated or something. Also even more importantly it is an error in the Hashtable class, which also means
> that the map stored at the session level is not null, but some other logic has failed in the internals of the Hashtable class?
Are you sure that the data is serializable ?
nara...@vwebsol.com
Any other suggestions or workarounds? Thank you.
Paul Ilechko
Run your code in a debugger so that you can see what is happening.
Turn on trace.
i.e. do the usual things that programmers do when they have a problem.
nara...@vwebsol.com
==========
public class UserSession implements Serializable {
/** Stores the user session token returned by the SecurityAdapter. **/
private String userSessionToken;
...
...
....
===============