This week's book giveaway is in the OCMJEA forum.
We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line!
See this thread for details.
The moose likes JSP and the fly likes Session Question -- Global Sessions???? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Session Question -- Global Sessions????" Watch "Session Question -- Global Sessions????" New topic

Session Question -- Global Sessions????

Mike London
Ranch Hand

Joined: Jul 12, 2002
Posts: 1064
As each user logs in to my site, I want to add him or her to a "global session" so, that on another JSP page, I can list all the users who are currently logged in. I also want to, using a meta refresh, keep this list up to date if a user either closes the browser or logs out.
For example, if user one logs in then the page will have his or her name. When the second user logs into the site, then the page would list both users and so on.
It seems that the HttpSession session API is within the same user's session, not a "gloabl" session for all users.
Can what I want to do be done with HttpSessions or should I implement a database solution or other method to track all the logged in users?
Thanks very much for any and all replies.
-- Mike
Frank Carver

Joined: Jan 07, 1999
Posts: 6920
If you want to share information between all sessions, then what you need is "application" scope.
However, remember that your application is unlikely to ever know when a user has closed a session if they don't explicitly click some sort of "log off" button. A browser does not notify the server if the user goes to a different web site, closes a browser window, or shuts down a client computer. So don't expect to ever have an accurate notion of who is "currently logged in". Any time you see something like this on a web site it is largely guesswork.

Read about me at ~ Raspberry Alpha Omega ~ Frank's Punchbarrel Blog
Mike London
Ranch Hand

Joined: Jul 12, 2002
Posts: 1064
Thanks much for your reply.
Based on what you said, probably the best way to implement knowing if a user has "logged off" (closed browser or whatever) is to have a database that would store the last time the user's browser refreshed (via a meta refresh tag).
If a timestamp in some database's table, for a given user, is longer ago than a certain interval, you would assume the user had "logged out" and remove him/her from the list of "logged in users".
Of course, whether the user had really closed the browser or gone to lunch is unknown.
What do you think of this approach?
-- Mike
Frank Carver

Joined: Jan 07, 1999
Posts: 6920
You can do this if you like, but you don't really need to. In essence, this is what the session mechanism does already.
Take a look at the session event mechanism provided by your container, it's pretty easy to hook in an object whch implements javax.servlet.http.SessionListener and adds one to a count each time a session is created, and removes one each time a session expires or is destroyed.
To make sure your information is as accurate as possible, make sure you offer diligent users a way to log out, and make sure your code destroys their session if they choose to log out.
Mike London
Ranch Hand

Joined: Jul 12, 2002
Posts: 1064
Thanks very much.
Will do.
Mike London
Ranch Hand

Joined: Jul 12, 2002
Posts: 1064
In your reply, you mentioned that you could "hook" a seesion using HttpSessionListener.
The code in "More Servlets and JavaServer Pages" has just such an example.
However, what if I need to know "which" session went away (that is, so I can remove a particular user in the list of logged in users)?
With a database implementation, I could know which user, and a wealth of other information. However, I don't want to re-invent the wheel, so to speak if all this can be done using the HttpSessionListner.
Is this possible as well?
I posted a note in the forum this morning about my issues using HttpSessionListner.
I appreciate your help.
-- Jim
Ken Robinson
Ranch Hand

Joined: Dec 23, 2003
Posts: 101
When a user logs in, put their user id in the Session. When that Session times out and the sessionDestroyed method is called on the listener, you can get the user id from HttpSessionEvent.getSession.getAttribute(), using the key of the user id.
Be aware of two things I can think of that may cause a problem.
If a user can log in twice, a time out of one session may not translate to all sessions being closed.
If a user quits and logs back in without the first session timing out, you may not want to show the user as logged off once the first session time out event is fired.
Mike London
Ranch Hand

Joined: Jul 12, 2002
Posts: 1064
Are you sure this would work?
From reading Marty Hall's 2nd edition of Core Servlets, it says that once sessionDestroyed gets called, all the attributes are already gone.
Thus, sessionDestroyed() is only good for session counts and such.
Have you tried what you're suggesting?
It sounds interesting, but I couldn't get anything like this to work with sessionDestroyed().
Look forward to your reply.
-- Mike
Krishna Srinivasan
Ranch Hand

Joined: Jul 28, 2003
Posts: 1844

u can use ArrayList to store the no of users loggedin, then u put that object in session..whenever u want to display the no of users logged in u get the arraylist object and display it

Krishna Srinivasan
Spring Tutorials, OCAJP Mock Questions, 400+ OCPJP Mock Questions
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 61105

JavaRanch is a community of people from all over the world, many of who are not native English speakers. While using abbreviations like "u" instead of spelling out "you" is convenient when text messaging your friends on a cell phone or in a chat room, it presents an extra challenge to those that are already struggling with English. I would like to ask for your help in making the content of JavaRanch a little easier to read for everybody that visits here by not abbreviating such words.
JSP Forum Bartender

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15299

Ok, just my 2 cents. This is what I did to accomplish an update in the database that a user has logged off/session has ended.

And where is this? I have a file that implements the HttpSessionListener. When a user logs in, I instantiate this bean, fill it with user info, and put it in the session. So when the session dies, and the object is lost or "valueUnbound" this is what happens. Hope this gives you a start if this is indeed what you are looking for.

GenRocket - Experts at Building Test Data
steve souza
Ranch Hand

Joined: Jun 26, 2002
Posts: 861
Tracking/counting/timing 'things' can easily be done with JAMon. I have used JAMon to track page hits by user, and with this you can also track when was the last time the user executed a page request. This can be done with servlet filters. You can see servlet filters in action with JAMon by going to the following address. Note in this filter all file access is monitored (i.e. jpg, jsp, servlets, html, gif's etc.), but you could easily add page hits by user. I think the couple lines of code needed to monitor your Web app with JAMon are the most important lines in any web application.
I have also monitored by sessions and code for this is also available. In general I have found my users logout via the logoff button only 5% of the time.
Also JAMon couldn't be easier to use.
Here are links that will help: - JAMon home page. - JAMon live demo - Sample servlet filter and session monitor code
The full JAMon demo can be run from and selecting live demo. - a fast, free open source performance tuning api.
JavaRanch Performance FAQ
I agree. Here's the link:
subject: Session Question -- Global Sessions????