Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 491
  • Last Modified:

session timeout

how do i go about killing off a session with a unique ID and a timeout value providing that sessionID is *not* used within the timeout period ...
0
knor
Asked:
knor
1 Solution
 
Laminamia063099Commented:
I assume you're talking about a servlet session.  If so, call the session object's method:
  setMaxInactiveInterval(int intervalInSeconds);

for the session that you desire, and the session will be killed by the servlet engine if not used within the number of seconds specified.

I hope this is helpful.  

Laminamia :)
0
 
cheeku_76Commented:
hi!
for the setting session time u can use Session.setmaxInactiveInterval().
this will check for the inactive time and then remove the session.

if u want to terminate a session then use session.Invalidate().

i think this may help u

or else refer to any books or tutorials for this.

bye
srikanth
0
 
knorAuthor Commented:
its  not a servlet session
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
sdwr98Commented:
What kind of session are you talking about, then?
0
 
yuvalgCommented:
Your question is not so clear but -
if i understand the question correctly what you need to do is add a member to your session object that will state the last time the session has been accessed.
Within each access to this particular session object, stamp that member with the current time.

Then, when doing your cleanup, validate or invalidate the session according to that members value (see if the session has been inactive for an unaccepted amount of time).

yuval.
0
 
knorAuthor Commented:
Yuval, you are on the right track to what i need.... but what is the best way to do this.... threads or a listener or ??? thanx in advance - knor
0
 
harish_venkCommented:
First of all you will need a timer class, a timer listener interface and a session class which implements this interface. You have to create a session object for each user and store the user's info in the session object. Then you can have a unique id associated with each object, say, in a hash table. Then you can append this to the end of each request URL (URL rewriting).

When this is done, whenever a user requests for a html, his session id can be retrieved from the url and checked in the hash table.

Now the timer class keeps running (its a thread) and wakes up the listeners after some timeout. You could call the method to be implemented by the class which implements the Listener interface. In this method you could increment a value (equivalent to the sleep value in the timer) and check if it has crossed the time out limit. If so then invalidate the session object.

Most important thing to remember is to clear the value in the class that implements the listener, whenever an access is made by the user. This way if a user does not perform any access for a stipulated period of time, then his session gets invalidated.

Hope this helps.
0
 
knorAuthor Commented:
Answer accepted
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now