File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes HttpSession ... tracking and cleanup Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "HttpSession ... tracking and cleanup" Watch "HttpSession ... tracking and cleanup" New topic

HttpSession ... tracking and cleanup

Mufaddal Khumri

Joined: Jun 13, 2002
Posts: 9
I have got a ServletContextListener that does initialization and cleanup for my webapp. I was wondering if there was a way to:
1. Get the pool of sessions for my webapp (as a collection on which i can iterate or enumerate). this would allow me to call session.invalidate on all these session objects.
2. Invalidate all sessions to my webapp in this Listener ? If not, in what way can I invalidate all sessions when i start / reload my webapp ?
William Brogden
Author and all-around good cowpoke

Joined: Mar 22, 2000
Posts: 13036
Why not add the HttpSessionListener interface to your ServletContextListener - that would give you the sessionCreated and sessionDestroyed methods so you could create a list of active sessions.
Mufaddal Khumri

Joined: Jun 13, 2002
Posts: 9
Before writing code to do this, I was wanting to know if the container provided any mechanism to do this. For invalidating sessions it seems Tomcat's server.xml can be tweaked to include:
<Manager className="org.apache.catalina.session.PersistentManager"
The problem is that even after doing the above, it does not work for me. I did the following test to test my webapp after i put the above in the server.xml:
1. started tomcat.
2. started a browser, logged into MyApp and used it.
3. stopped tomcat and restarted tomcat . (kept the browser window that i was using in step 2 open).
4. went back to my browser window from step 2 and tried to continue using my MyApp by clicking on one of the links to a jsp page. The browser showed me a blank window -
AT THIS POINT I checked the session attribute and it was still existing. My code that redirects the user to the login page checks to see if this attribute is not there or is false. Since its present and is true it does not redirect the user. The only way i can redirect the user to the login page is by invalidating the session he or she is using . For this i made the change to the server.xml.
Any ideas why this isnt working ?
I agree. Here's the link:
subject: HttpSession ... tracking and cleanup
jQuery in Action, 3rd edition