Home/ Questions/Q 8351651
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T08:41:56+00:00

I am storing session ids in database at log in time. The problem I

  • 0

I am storing session ids in database at log in time. The problem I am facing is that if a different user logs in after first one, same session is entered in DB and welcome username still reflects the name of the one who logged in first on the same machine. I want to create a new session id each time a user logs in, but somehow my code doesn’t work.

HttpSession session = request.getSession();
String sessionID;
request.getSession(true);
sessionID = session.getId();

Note: the above code is called when user click Login button and its contained in a servlet.

session ID still has the old value of session till the old one expires by default. Meaning if 10 users logs in, all will have same session id and same welcome name.

Need expert advice from gurus here:). Let me know if I am missing out on any details that need to be put.

If I use –

if(session.isNew()){
            System.out.println("New session created by default");
            request.getSession(true);
            sessionID = session.getId();
            createTime = new Date(session.getCreationTime());
            lastAccessTime = new Date(session.getLastAccessedTime());
            initialtime = System.currentTimeMillis();
        }else{
            System.out.println("You have created a new session");
            request.getSession().invalidate();
            request.getSession(true);
               sessionID = session.getId();
            createTime = new Date(session.getCreationTime());
            lastAccessTime = new Date(session.getLastAccessedTime());
            initialtime = System.currentTimeMillis();
         }

get the below exception –

SEVERE: Servlet.service() for servlet LoginToApp threw exception
java.lang.IllegalStateException: getCreationTime: Session already invalidated
    at org.apache.catalina.session.StandardSession.getCreationTime(StandardSession.java:1025)
    at org.apache.catalina.session.StandardSessionFacade.getCreationTime(StandardSessionFacade.java:74)
    at LoginToApp.doGet(LoginToApp.java:56)
    at LoginToApp.doPost(LoginToApp.java:208)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
    at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:843)
    at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:679)
    at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1303)
    at java.lang.Thread.run(Thread.java:595)
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Set the session variable to the new session: you’re trying to work with the old, invalidated one.

    • 0