Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Accessing session of another user

 
sachin pathak
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I want to implement following functionality. I have an application where there can be number of users logged in at a time. Now we have a special user called as Admin. We need to provide a way for admin to logout the other users. We are storing the user authentication information in the session for every user. So one of the way is to get all the session objects and invalidate the ones which satisfy certain condition. How do I do this ?
In other words I want to get the HTTPSession objects for all the sessions currently maintained by the server.
Thanks in advance
Sachin
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13056
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Although the servlet API used to have more direct functions for this, they were removed due to security concerns.
You are going to have to "roll your own" by using the various session listeners. Exactly how depends on which servlet API your server implements.
See for example javax.servlet.http.HttpSessionListener - new with api 2.3
Bill
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic