If i am correct this may be one of the way, but there may be better implementations.
When the user login a session object is created for that user and is used for his session till he logs out. We may store a string containing the current search details in the session object.
For retrieving the details of all the sessions, we may store the session object in a map(when the user logs in) and when we delete/invalidate a session we may remove it from the map.
Any modification made in the session object for a user will also be available in the map. So its can be used to display all the sessions.
Some places DBs are also used to store session object.
Sudipta Kumar Laha
Joined: Jan 22, 2004
Is the best (only?) way to detect session deletion/invalidation via the HttpSessionListener and it's sessionDestroyed method?