This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Session Termination

 
Manohar Karamballi
Ranch Hand
Posts: 227
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hai!
Here is my problem! I have a session running between client(User) and Server. An user with admin rights can able to terminate that session from some other application running in same server.(Same as in Timeout of session but should whenever admin runs that aplication).
ASAP!
Thanks in Advance.
From
Manohar
 
Ashutosh Uprety
Ranch Hand
Posts: 39
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If all u want to do is to give a "can log out anyone" permission to administrator, then here is what u can do ...
1. create a temp table with userId, jsessionid,usertype(admin or normal)
2. whenever anyone logs in then populate temp table with above info.
3. allow the admin to view whoever is logged on, by showing a list of users in the temp table.
4. allow him to delete any record from this temp table
5. for every agent user, before entering any page, check if the session is available in the temp table. If jsessionid is not available, then log him out.
gotcha !!
 
Manohar Karamballi
Ranch Hand
Posts: 227
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for quick reply! I will try that and let u know abt result!
 
Manohar Karamballi
Ranch Hand
Posts: 227
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Good Idea! But is there any further better way of doing this?
Regards
Manohar
------------------
 
Vels Manian
Greenhorn
Posts: 22
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi,
Try whether this can be used.
For the admin user get the SessionContext and display all the users details logged in and allow him to delete the session.
You can parse through the sessions and find the session info.
bye
vels

[This message has been edited by Vels Manian (edited July 17, 2001).]
 
Vels Manian
Greenhorn
Posts: 22
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi,
Here is the code u asked for.

HttpSession session = request.getSession(true);
HttpSessionContext contxt = session.getSessionContext();
Enumeration enum = contxt.getIds();

HttpSession session1;
while(enum.hasMoreElements())
{
session1 = contxt.getSession((String)enum.nextElement());
if(check for validitity of the session)
session1.invalidate();
}
hope this helps u
tc
vels
 
Raghav Sam
Ranch Hand
Posts: 412
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Vels Manian:
hi,
Here is the code u asked for.

HttpSession session = request.getSession(true);
HttpSessionContext contxt = session.getSessionContext();
Enumeration enum = contxt.getIds();

HttpSession session1;
while(enum.hasMoreElements())
{
session1 = contxt.getSession((String)enum.nextElement());
if(check for validitity of the session)
session1.invalidate();
}
hope this helps u
tc
vels

But be warned, HttpSessionContext is deprecated for security reasons.
------------------
Raghav.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic