File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes EJB and other Java EE Technologies and the fly likes destroy sessionContext from EJB? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "destroy sessionContext from EJB?" Watch "destroy sessionContext from EJB?" New topic
Author

destroy sessionContext from EJB?

nimo frey
Ranch Hand

Joined: Jun 28, 2008
Posts: 580
Look at this:

Client A has the session Context:

session = Session@ff0e

Client B has the session Context:

session = Session@ee1e

How can I selectivley destroy the session from Client B?

I know, I can destroy a session via:

session.removeAttribute(session);

But this destroys only the session from the actual Context, that means, when I invoke this method from Client B, then the Session from Client B will be destroyed.

I use EJBs and JBOSS.

Any suggestions?
nimo frey
Ranch Hand

Joined: Jun 28, 2008
Posts: 580
I know, I can do it via HttpSessionListener, but then I need a Servlet..and I am wondering, if I can do the same via JSF and ManagedBeans or via EJB Stateful/Stateless Beans?

Is there any possiblity without using the Servlet directly?
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30130
    
150

Nimo,
It definitely can't be done from EJB. The EJB layer is a different layer than the Servlet layer so wouldn't have access to the HttpSession.

My recommendation would be to use the SessionListener to create a map of all sessions. That way you can lookup the appropriate session to destroy. You don't need a servlet though - just a session listener implementation.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
nimo frey
Ranch Hand

Joined: Jun 28, 2008
Posts: 580
okay thanks,

I have done it via



and registerd the listener in web.xml.

I store all the sessions in a Map and can check the values in it.

But what should I do, when I want to delete a particular session?

I have a method



but I have no method like



Do you know any refs for explicitly delete a particular session?

Should I better use HttpSessionAttributeListeners for this scenario?
Steve Luke
Bartender

Joined: Jan 28, 2003
Posts: 4167
    
  21

When do you know which session you want to destroy?

The key will be to put the map of id->sessions in a scope that is appropriate for the access you need. Assuming we can take the session scope and request scope out, then on a basic Servlet application you would store your map in the ServletContext:


Then wherever you determine which session needs to be killed, you do:


Steve
nimo frey
Ranch Hand

Joined: Jun 28, 2008
Posts: 580
Hello Steve,

thank you! this was very helpful!

I am now able to destory a particular session.

I hold key and values in the application-scope:


... ...

All works fine.

The only thing, I am unsure about this:

How about the space in my application-Scope?
Is it good to store this information in that scope?
Where is the limit?

This is how I store my objects:



I do not need the


Does it makes a difference?

However, I was trying to store the relevant data into the SESSION-object itself (so I do not need to store all the data in the application-scope). Makes it sense? But it seems, this does not work:



Should I leave it in my application-scope or should I try to store the relevant information in the session-scope?

[ September 07, 2008: Message edited by: nimo frey ]
[ September 07, 2008: Message edited by: nimo frey ]
Steve Luke
Bartender

Joined: Jan 28, 2003
Posts: 4167
    
  21

... I use ... facesContext ... not ... ServletContext ... Does it makes a difference?


No, just as long as the scope is what you need it to be and you remember to maintain it properly (ie, remove dead sessions when they invalidate).

However, I was trying to store the relevant data into the SESSION-object itself (so I do not need to store all the data in the application-scope). Makes it But it seems, this does not work:





Should I leave it in my application-scope or should I try to store the relevant information in the session-scope?


I am not clear on what you mean by relevant data. The rule is that you should put data in the smallest possible scope you can. If the 'relevant' data is meant for a single user and needs to be shared over multiple requests then the session scope is the proper route to go. If the data is shared among all users or is needed by the application itself to function (like the map of session ids) then it belongs in an application scope, otherwise it would get lost when a session ends.

I also don't know what you mean by:"However, I was trying to store the relevant data into the SESSION-object itself (so I do not need to store all the data in the application-scope). Makes it But it seems, this does not work:"

What do you mean when you say it does not work?
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30130
    
150

Originally posted by nimo frey:
How about the space in my application-Scope?
Is it good to store this information in that scope?
Where is the limit?

The limit is the amount of available memory.

You aren't using much memory with this system though. The session already exists in memory. So you are just storing a map with the keys (low memory) and a pointer to each session (also low memory.)

The two code samples you posted are identical in terms of memory as both are storing a pointer to the session.
Paul Sturrock
Bartender

Joined: Apr 14, 2004
Posts: 10336

Originally posted by Jeanne Boyarsky:

The limit is the amount of available memory.


If you are using Tomcat 5.5 or above, this includes a mechanism (org.apache.catalina.session.PersistentManagerBase) which can be used to serialize idle sessions to disk. So the limit is now actually higher than the available memory (assuming all sessions are not active at the same time).


JavaRanch FAQ HowToAskQuestionsOnJavaRanch
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: destroy sessionContext from EJB?
 
Similar Threads
regarding the listener interfaces
Java Mail Sending troubleshooting
Increasing the session time out
How to Re-Authenticate an user to an active session
regarding the listener interfaces