aspose file tools*
The moose likes Servlets and the fly likes Releasing HTTP session state Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Releasing HTTP session state" Watch "Releasing HTTP session state" New topic
Author

Releasing HTTP session state

Kelly Dolan
Ranch Hand

Joined: Jan 08, 2002
Posts: 107
I have a servlet that for a given user session stores stuff in its HTTPSession scope. I have a button on my UI that if the user clicks it, I know to release the HTTPSession stuff. I also know that eventually the HTTP session will timeout and at such a time (or later based on the container/servlet implementation) the HTTPSession stuff will be released as well.
I cannot stop a user from closing the browser through the X button or Alt-F4. I also cannot stop a user from leaving my UI site but going to another web page. Is there a way I can catch these events so that I can trigger JavaScript in my HTML UI to make a callback to my servlet so it releases resources right away (i.e., just like the button on the UI described above)???
Any and all help is greatly appreciated!
Kelly
Simon Brown
sharp shooter, and author
Ranch Hand

Joined: May 10, 2000
Posts: 1913
    
    6
I guess that you could do, but ultimately the user could have JavaScript disabled. You're right though, the session will eventually timeout so freeing up those resources. I'm trying to understand your requirement here ... are you just releasing this state because of the physical (i.e. memory) resources, security reasons or something else?
Sonny Gill
Ranch Hand

Joined: Feb 02, 2002
Posts: 1211

I was struggling with that problem a while ago..there doesnt seem to be any sure-shot way..
I remember seeing some javascript code on the net that does this -
1. on unLoad, open a window, using javascript
2. In that window, check the opener property to see if the original window is still open.
If it is open, means the user hasnt closed the browser, something else triggered the onUnload event, do nothing.
If it is closed, call the servlet code to do whatever u want to do
3. Close the new window.
I never tried it throughly, you might want to think along those lines.
and you may find some ideas in this discussion
discussion


The future is here. It's just not evenly distributed yet. - William Gibson
Consultant @ Xebia. Sonny Gill Tweets
Kelly Dolan
Ranch Hand

Joined: Jan 08, 2002
Posts: 107
In re: to Simon...
1. Assume JavaScript is enabled. My UI code depends on it (and our customers will be informed of the requirement) so if JavaScript is disabled, recognizing the closing of the browser window or navigating to some other site will not be the problem.
2. From a requirements standpoint, I simply want to manage server resourses wisely. There will be many users hitting my server and therefore the memory footprint may be large. If something is no longer needed, I'd like to free the resources when I know they are no longer needed. I can do this if they click my button that says "I'm done" but I cannot prevent them from simply closing the browser window or navigating to another site.
Thanks to everyone for their feedback!
Kelly
Arnie Stillman
Greenhorn

Joined: May 12, 2004
Posts: 1
I use the "session" variable of the HttpSession object to do just this. Call
session.invalidate() to release all objects bound to the session. I do it with an "Exit" button, but you can just as easily call a jsp page with onunload="invalidate.jsp" in the body tag.
My invalidate.jsp simply contains:
<%
session.invalidate();
%>
tan kong sang
Greenhorn

Joined: Mar 14, 2005
Posts: 2
i using the
session.invalidate();
to logout from the page. but it seems like it doesn't work...
can someone help me???
here is the code...

<%@ page contentType="text/html" %>
<%@ page session="true" %>
<html>
<head>
<title>Logout </title>
</head>

<body>
<%
session.invalidate();
%>

</body>
</html>
Sripathi Krishnamurthy
Ranch Hand

Joined: Mar 07, 2005
Posts: 232
try request.getSession().invalidate()
Mark Poll
Greenhorn

Joined: Apr 28, 2005
Posts: 1
<HEAD>
<SCRIPT FOR=window EVENT=onunload>
alert("Bye!!!");
</SCRIPT>
</HEAD>
<BODY>
</BODY>
D Rog
Ranch Hand

Joined: Feb 07, 2004
Posts: 472

Using javascript can leave certain percentage of session data not cleaned, since a browser can be crashed, frozen, or left unattendent. You can put in session timer objects which will free some session data after some time. I assume that you need to keep session valid for much longer time.


Retire your iPod and start with HD Android music player Kamerton | Minimal J2EE container is here | Light weight full J2EE stack | and build tool | Co-author of "Windows programming in Turbo Pascal"
James Carman
Ranch Hand

Joined: Feb 20, 2001
Posts: 580
Originally posted by D Rog:
Using javascript can leave certain percentage of session data not cleaned, since a browser can be crashed, frozen, or left unattendent. You can put in session timer objects which will free some session data after some time. I assume that you need to keep session valid for much longer time.


Why wouldn't you just use the built-in session timeout support?


James Carman, President<br />Carman Consulting, Inc.
D Rog
Ranch Hand

Joined: Feb 07, 2004
Posts: 472

A good suggestion, here are few examples where I can't use session time-out:
1. wizards, it assumes using several screens, of course it's better solution to keep state of wizard in hidden fields, but sometime session is more preferable. So, if user left wizard and continue working on other screens, wizard state remains in session.
2. work in single sign on environment, Siteminder agent manages user logins and requires to have no time out for sessions.
3. Some other examples you can give me from your experience.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Releasing HTTP session state
 
Similar Threads
session tracking
Session in Distributed Environment
read contents of a textarea and an uploaded file simultaneously
Need Help and Suggestion
session validate is not working in internet explorer only, but working with other browsers