Throw exception when trying to invalidate FakeHttpSession

The FakeHttpSession is used only for Tomcat 7 as far as I can see (#11721)
Invalidating the fake session will not invalidate the real session so
the end result will not be what the user expects, therefore we throw an
exception instead in this case.

Change-Id: I1703644736d81ee2870b709517cbe5fa523d00f7

1 files changed, 14 insertions, 0 deletions

diff --git a/server/src/com/vaadin/server/WrappedHttpSession.java b/server/src/com/vaadin/server/WrappedHttpSession.java
index a425a7e5cf..aed3be1ca0 100644
--- a/server/src/com/vaadin/server/WrappedHttpSession.java
+++ b/server/src/com/vaadin/server/WrappedHttpSession.java
@@ -85,6 +85,20 @@ public class WrappedHttpSession implements WrappedSession {
 
     @Override
     public void invalidate() {
+        if (session == null) {
+            throw new IllegalStateException(
+                    "Session is null and cannot be invalidated");
+        }
+
+        if (session.getClass().getName()
+                .equals("org.atmosphere.util.FakeHttpSession")) {
+            throw new UnsupportedOperationException(
+                    "FakeHttpSession cannot be invalidated. "
+                            + "This typically means you are using websockets together with Tomcat 7. "
+                            + "Because Tomcat 7 does not support sharing the HTTP session between standard HTTP requests and websockets, a copy of the session is used for websockets. "
+                            + "Invalidating this session does not have the desired effect. "
+                            + "To resolve this, upgrade to Tomcat 8 or use another transport mechanism than websockets.");
+        }
         session.invalidate();
     }