Why session is not null after session.invalidate() in JAVA?

Question

I am facing very strange problem while developing JavaEE WEB Application.

Even after invalidating the HttpSession using session.invalidate();

Answer 1

The invalidate method does the following (from API):

Invalidates this session then unbinds any objects bound to it.

It says nothing about the HttpSession-object itself, but invalidates the session's variables. If you call a method of a class, it is impossible for the object to be null after that method call. If your session should be null afterwards, the method must include a line that looks something like: this = null; which would not be possible. Throwing an exception for an invalidated session is the prefered way to do it.