Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Servlets and the fly likes Invalidation HttpSession upon closing the browser Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Invalidation HttpSession upon closing the browser " Watch "Invalidation HttpSession upon closing the browser " New topic
Author

Invalidation HttpSession upon closing the browser

Alok Pota
Ranch Hand

Joined: Mar 07, 2001
Posts: 185
Is there a clean way out there, to invalidate a user's httpsession when the user closes the browser? I have seen several
Javascript hacks which are not browser compatible. I need something that will work with IE 4.0 + and Netscape 6.0.
Thanks
Alok
Brett Knapik
Ranch Hand

Joined: Oct 15, 2000
Posts: 255
If you set the lifetime of the cookie to a negative number it the cookie will be deleted after the browser closes.
------------------
In Gates we trust. Yeah right....


"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning."
Bharatesh H Kakamari
Ranch Hand

Joined: Nov 09, 2000
Posts: 198
You can use session.invalidate() method to invalidate an httpsession.
Randall Twede
Ranch Hand

Joined: Oct 21, 2000
Posts: 4347
    
    2

yes, but that wont work if the person closes the browser before they get to that line of code. I am wondering what kind of problem it can cause if you dont do anything about it?


SCJP
Visit my download page
Alok Pota
Ranch Hand

Joined: Mar 07, 2001
Posts: 185
Originally posted by Randall Twede:
yes, but that wont work if the person closes the browser before they get to that line of code. I am wondering what kind of problem it can cause if you dont do anything about it?


The problem is that, I typically store some objects in the HttpSession and would like to quickly *null* those objects when the session is invalidated.
public MyObject implements HttpSessionBindingListener {
private Map map1,map2,map3;
private List list1,list2;
public MyObject() {
map1 = new HashMap();
map2 = new HashMap();
list1 = new ArrayList();
list2 = new ArrayList();
}
//Method 1
public void valueBound(HttpSessionBindingEvent eve) {
}
//Method 2
public void valueUnBound(HttpSessionBindingEvent eve) {
list1 = null;
list2 = null;
map1 = null;
map2 = null;
map3 = null;
}
}
Method 2 gets called when the session is invalidated. Session is invalidated if the client remains inactive for (say 30 mins). Closing the browser does not allow the container to call method2
immediatly nd it gets called only after 30 mins of inactivity thus holding up unused memory in the list1,list2, map1,map2,map3
objects..
I need a way to signal the conatiner to call method2 as soon as the browser is closed.
Method
Randall Twede
Ranch Hand

Joined: Oct 21, 2000
Posts: 4347
    
    2

well I suppose if those objects are quite large, or you have mass traffic, it could be a problem. Im sorry I dont have solution, I never had to worry about it.
Anoosh Rahman
Greenhorn

Joined: Dec 07, 2000
Posts: 5
Hi.
You can make use of onunload or onbeforeunload functions ,,write an javascript event to call a servlet to invalidate httsesssion for onBeforeUnLoad .
onBeforeUnload will get trigeered on closing the browser,,,
Regards,
------------------
Alok Pota
Ranch Hand

Joined: Mar 07, 2001
Posts: 185
Originally posted by Anoosh Rahman:
Hi.
You can make use of onunload or onbeforeunload functions ,,write an javascript event to call a servlet to invalidate httsesssion for onBeforeUnLoad .
onBeforeUnload will get trigeered on closing the browser,,,
Regards,

The thing is "onunload" is called everytime I leave the page that says uses this session object. There is no way to differentiate between an onunload triggered by leaving the page & an onunload triggered by closing the browser.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Invalidation HttpSession upon closing the browser