This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Servlets and the fly likes Servlet Session Tracking Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Servlet Session Tracking" Watch "Servlet Session Tracking" New topic

Servlet Session Tracking

Saravanan V

Joined: Sep 20, 2001
Posts: 15
I want a user to be authenticated only once.So i create a session and set a flag when he logs in.The next time when he login a message is thrown.I invalidate the session and reset the flag when he logs out.I have set a max inactive interval for the session to be 10 mins.Now here is the probs.I want to reset the flag when the session expires.How this can be done.Help in this.
Peter den Haan
Ranch Hand

Joined: Apr 20, 2000
Posts: 3252
You don't mention where that flag is being set. But it may be useful to know that if you create a session-scoped JavaBean that implements HttpSessionBindingListener, its valueUnbound() method gets called when the session expires. That should give you the hook you need to do whatever needs doing.
- Peter
[This message has been edited by Peter den Haan (edited November 12, 2001).]
Saravanan V

Joined: Sep 20, 2001
Posts: 15
Hi Peter
Thanx for Ur Reply.Anyway i set the flag in the database.
I used a class that implements the HttpSessionBindingListener interface and the valueBound() method and valueUnbound() seems to be called when u bind the object to the class(by session.putValue()) and unbind the object(by session.removeValue()).This is where the problem is.When logout i am removing the value which unsets the flag in database..but thatz the not the case when session expires as i dont call removeValue().Hope the problem is more clearer now..
I agree. Here's the link:
subject: Servlet Session Tracking
Similar Threads
Session Invalidation
Clear session on Browser Close
Question related to application security
Using timers with phase listeners