Problem getting session information

Ok so the idea is simple enough, handle logins using serverside auth and then if auth then set a session variable to keep track of the user. Once the user decides to logout the session is destroyed. Problem is it doesn't apear to be working.
Problems
1.) The login feature seems to work and the userName session variable can be accessed through a xmlhttprequest to the server, however, when I try to just run the servlet directly I get a blank string. How can the session be retrieved fine by the request but another IE window sees nothing.

2.) Session.invalidate does not cause the session variable to be destroyed.

here are some code snipets

//Client Side

function login()
{
userName="";
xmlUserName=GetXmlHttpObject();
if (xmlUserName == null)
{
alert ("Your browser does not support the XMLHttpRequest object. Please upgrade to a newer browser.");
return;
}
queryString="mode=getValue&varName=userName";
//xmlUserName.onreadystatechange=responseUN;
xmlUserName.open("POST",urlSession,false);
xmlUserName.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
xmlUserName.send(queryString);
// if (xmlUserName.status=="PAGE_SUCCESS")
// {

userName=xmlUserName.responseText;
alert(xmlUserName.status);
alert(xmlUserName.responseText);
if (userName != "")
{
//userName.replace(" ","*");
//alert(userName);
getCurrentPage();
}
else
{
alert("Please Log In");
window.location = "***.htm";
}

}

//responseText is false
function logout()
{
alert("we're in");
userName="";
xmlUserName=GetXmlHttpObject();
if (xmlUserName == null)
{
alert ("Your browser does not support the XMLHttpRequest object. Please upgrade to a newer browser.");
return;
}
var url="http://*******/LdapAuthServlet";
queryString="mode=logout";
//xmlUserName.onreadystatechange=responseUN;
xmlUserName.open("POST",urlSession,false);
xmlUserName.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
xmlUserName.send(queryString);
// if (xmlUserName.status=="PAGE_SUCCESS")
// {

//userName=xmlUserName.responseText;
alert(xmlUserName.status);
alert(xmlUserName.responseText);
// if (userName != "")
// {
// //userName.replace(" ","*");
// //alert(userName);
// getCurrentPage();
// }
// else
// {
alert("Please Log In");
window.location = "****.htm";
//}

}

//server side

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException
{
PrintWriter writer = null;
setVar();

try
{
writer = response.getWriter();
//Setup Variables

boolean validLogin = false;
//get the mode to accomplish
String mode = request.getParameter("mode");
String falsePos = request.getParameter("falsePos");
// got hold of the user session
HttpSession session = request.getSession(true);
// retrieving session info

if (!(mode == null))
{
if (mode.equals("login"))
{
String userName = request.getParameter("userName");
String passWord = request.getParameter("passWord");
//Make sure the variables were included
if ((!(userName == null)) && (!(passWord == null)))
{
//Check the username/Password with LDAP
validLogin = checkAuth(userName, passWord);

//Handle The Result
if (validLogin)
{
boolean changed = sessionEditor.changeSessionVariable("userName", userName, session);
if (changed)
{
writer.write("success:login");
}
else
{
writer.write("failed:Could not set session variable");
}
}
else
{
boolean changed = sessionEditor.changeSessionVariable("userName", null, session);
writer.write("failed:Bad Username/ID");
}
}
}

if (mode.equalsIgnoreCase("logout"))
{
if (session != null)
{
boolean changed = sessionEditor.changeSessionVariable("userName",null, session);
errLog.writeAlert("Session variable changed:" + changed);
if (changed)
{
changed = sessionEditor.endSession(session);
errLog.writeAlert("Session Deleted:" + changed);
if (changed)
{
writer.write("success:logout");
errLog.writeAlert("success:logout");
}
else
{
writer.write("failed:No Session to invalidate in the session function");
errLog.writeAlert("failed:No Session to invalidate in the session function");
}
}
else
{
writer.write("failed:to set the session variable");
errLog.writeAlert("failed:to set the session variable");
}
}
else
{
writer.write("failed:No Session to invalidate");
errLog.writeAlert("failed:No Session to invalidate");
}

}

}

}
catch (Exception ex)
{
try
{
writer = response.getWriter();
writer.write("Error:");
ex.printStackTrace(writer);
errLog.writeError(ex);
}
catch (Exception e) { }
}
finally
{
writer.flush();
}

}

public boolean changeSessionVariable(String varName, String varValue, HttpSession session)
{
if (session != null)
{
try
{

//if (varName != "userName")
//{
session.setAttribute(varName, varValue);
return (true);
//}
//else
//{
// errLog.writeAlert("Username not found");
// return (false);
//}
}
catch (Exception ex)
{
errLog.writeError(ex);
return (false);
}
}
else
{
errLog.writeAlert("No Session found, This was supposed to be a parameter so please check the code calling this function");
return (false);
}
}
public boolean endSession(HttpSession session)
{
try
{
session.invalidate();
return true;
}
catch(Exception ex)
{
errLog.writeError(ex);
return false;
}
}

[7022 byte] By [partyk1d24] at [2007-11-11 10:14:33]

This is a Technology portal site for all the developer, It's a community, here you can post your question when you are learning, working, and soso...we'll make it better than yesterday Everyday...

Problem getting session information

Developer Tech

All Classified

Developer Tech New Topic

Developer Tech Hot Topic