The point of using listeners generally is to decouple various pieces of code from one another. Code that runs when a session is created or deleted shouldn't be mixed up with code that decides how a response is created.
But there must be a piece of code that creates (or invalidates) the session, thus leading to the event listener being called. Maybe the logic for determining the response would fit in there?
John Eric Hamacher
Joined: Apr 25, 2007
Thank you for responding.
Actually I am trying to handle session timeouts. I think I may use a Filter to check my session and redirect.
subject: HttpServletResponse in HttpSessionListener