Skip to main content

How To Get Session Map From ServletContext

3 replies [Last post]
ilitheblack
Offline
Joined: 2009-08-05
Points: 0

Hi Everyone, i try to get HttpSessions from ServletContext(ApplicationContext)...Because i think this is the only way to learn if the user's session is time-out or not...i read an article about LRUCache of servlet engine but could not find any information how to reference it...How can i listen a specific user's session? do i have to use a java.util.Map to store sessionIds of Users and a thread to expire them after a period of time equals to the session time-out parameter in web.xml?...
I am using Glassfish v2.1...
Thx for your replies in advance...

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Jan Luehe

On 03/12/10 05:39 AM, webtier@javadesktop.org wrote:
> Hi Everyone, i try to get HttpSessions from ServletContext(ApplicationContext)...Because i think this is the only way to learn if the user's session is time-out or not...i read an article about LRUCache of servlet engine but could not find any information how to reference it...How can i listen a specific user's session? do i have to use a java.util.Map to store sessionIds of Users and a thread to expire them after a period of time equals to the session time-out parameter in web.xml?...
> I am using Glassfish v2.1...
> Thx for your replies in advance...
>

You don't need to worry about determining whether user sessions have
timed out and should be invalidated and purged. The web container takes
care of this. It assigns a container thread to every deployed web
application, which periodically (using a configurable time interval)
enumerates all of the application's active sessions and determines which
ones have exceeded their maxInactiveInterval and therefore should be
removed.

Jan

> [Message sent by forum member 'ilitheblack' (gurcan.ilker@hotmail.com)]
>
> http://forums.java.net/jive/thread.jspa?messageID=391481
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: webtier-unsubscribe@glassfish.dev.java.net
> For additional commands, e-mail: webtier-help@glassfish.dev.java.net
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: webtier-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: webtier-help@glassfish.dev.java.net

ilitheblack
Offline
Joined: 2009-08-05
Points: 0

Firstly, i would like to thank you for your reply...I know this information mate...it takes care of everything about session management but consider that scenerio:
A user logs in to the system with a username and a password..And after that another user tries to logs in to the system with the same username and password but by a different browser than the first user uses or a different tab within the same browser...This case must not be allowed by the system...There is one information not known by the system at that point... which is the session of the first user is invalidated (due to time-out or his own will) or not...And also (as you know) the system can not use the second user's request to get the session of the first user so cannot determine whether the first user's session invalidated or not...
I hope this scenerio is helpfull to explain my problem...
Thanks for your future replies in advance...

Lincoln Baxter, III

I would recommend using a Session Listener in order to maintain the Map of
sessionIds->HttpSession objects manually:

http://www.java2s.com/Code/Java/Servlets/Servletsessionlistener.htm

--Lincoln

On Sat, Mar 13, 2010 at 2:35 AM, wrote:

> Firstly, i would like to thank you for your reply...I know this information
> mate...it takes care of everything about session management but consider
> that scenerio:
> A user logs in to the system with a username and a password..And after that
> another user tries to logs in to the system with the same username and
> password but by a different browser than the first user uses or a different
> tab within the same browser...This case must not be allowed by the
> system...There is one information not known by the system at that point...
> which is the session of the first user is invalidated (due to time-out or
> his own will) or not...And also (as you know) the system can not use the
> second user's request to get the session of the first user so cannot
> determine whether the first user's session invalidated or not...
> I hope this scenerio is helpfull to explain my problem...
> Thanks for your future replies in advance...
> [Message sent by forum member 'ilitheblack' (gurcan.ilker@hotmail.com)]
>
> http://forums.java.net/jive/thread.jspa?messageID=391632
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: webtier-unsubscribe@glassfish.dev.java.net
> For additional commands, e-mail: webtier-help@glassfish.dev.java.net
>
>

--
Lincoln Baxter, III
http://ocpsoft.com
http://scrumshark.com
"Keep it Simple"
[att1.html]