aspose file tools*
The moose likes Servlets and the fly likes Invalidation of an existing session Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Invalidation of an existing session" Watch "Invalidation of an existing session" New topic
Author

Invalidation of an existing session

Sub swamy
Ranch Hand

Joined: Oct 02, 2002
Posts: 121
Is there anyway to retrieve the session object if we know the sessionId ?

I am trying a customized implementation of single-sign-out - if a user logs out of one application he should be logged out of another application as well. I do retain the sessionId of the parent application. Using this value, i would need to invalidate the existing session. Is there anyway i could do this.
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

Subramanian Narayanaswamy wrote:Is there anyway to retrieve the session object if we know the sessionId ?

Directly, No. SUN has deprecated the API for the same.

But with little hack you can do this:
Create a application scoped map for Session Id(key) and session object(value), Add the key-value pairs for each new session-id and invalidate the session (value) if the users wished to sign out.


[LEARNING bLOG] | [Freelance Web Designer] | [and "Rohan" is part of my surname]
Sub swamy
Ranch Hand

Joined: Oct 02, 2002
Posts: 121
Thanks for the response. Thats what i was trying as a work around.

Guess a readymade API would have really helped here.
Mohamed Inayath
Ranch Hand

Joined: Nov 22, 2004
Posts: 124
Subramanian Narayanaswamy wrote:Thanks for the response. Thats what i was trying as a work around.



Where do you store the map.

Lets say, you have
1. SSO application
2. Application 1
3. Application 2

If all the request are passed through SSO then abevioulsy it will be SSO application.
But how do you get the the session object for each user session to the sso application to store.

Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

Subramanian Narayanaswamy wrote:
Guess a readymade API would have really helped here.

Do you really think to implement above steps one need a readymade API ?
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9313
    
  17

Sagar Rohankar wrote:
Subramanian Narayanaswamy wrote:
Guess a readymade API would have really helped here.

Do you really think to implement above steps one need a readymade API ?


+1


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

Mohamed Inayath wrote:
But how do you get the the session object for each user session to the sso application to store.

Once the user logs in, we retrieve its attached session object with id and stores into a map.
Mohamed Inayath
Ranch Hand

Joined: Nov 22, 2004
Posts: 124
Sagar Rohankar wrote:
Once the user logs in, we retrieve its attached session object with id and stores into a map.


You are right.

My question was where will you store the session objects in one common store map.

In a SSO envoironment there will be having different application with different context. Am I right in saying this.
So all your request will be passed thru SSO.
Accordinly one will be having multiple conexts (SSO, APP1, APP2..APPn).

My question is where you are going to keep your store map?

Is it in SSO, APP1, APP2..APPn..
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

Most possibly in SSO application and we can have access to cross context variables(Don't have any knowledge about cross context access, but I heard somewhere that we can do this, Consult Google OR search same forum)
Mohamed Inayath
Ranch Hand

Joined: Nov 22, 2004
Posts: 124
Sagar Rohankar wrote:Most possibly in SSO application and we can have access to cross context variables(Don't have any knowledge about cross context access, but I heard somewhere that we can do this, Consult Google OR search same forum)


Sorry, You cannot do that..

Context can't be shared.

Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

I told you, I heard it somewhere and need a search, Until when I Googled, I found this and this.

Is it really what we are looking for ?
Mohamed Inayath
Ranch Hand

Joined: Nov 22, 2004
Posts: 124
Sagar Rohankar wrote:I told you, I heard it somewhere and need a search, Until when I Googled, I found this and this.



Yes,.. Memory In replication is Clustering service replicates the session data between the two JVMs but what we are looking into is quite different.
The Clustering services takes care of the replication of session objects.

Is it really what we are looking for ?


Actually we are diverting the actual topic.
Its better we can try to solve the actual issue.

Anyways thanks for the links its quite useful one
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

Ok, I got it now, its not that much easy as I supposed previously. After searching this forum for the same issue I come across this thread. Hope it might helps.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Invalidation of an existing session