• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1593
  • Last Modified:

Session - setMaxInactiveInterval

Hi,

Sorry to keep asking but this week, I am a kind of "stupid" hehe :).

Now, I have disabled my users to multiple login in my J2EE Web Application. I am using timestamp to check whether he or she has logged-in to my system. Well, everything runs ok until I found one bug :(.

First, I have set my session to be invalidated within 10 mins if there is no interaction of the client. A kind of automatic invalidation. I used setMaxInactiveInterval(600) to do this. Now, after 10 mins, the session is invalidated but how can I detect it and remove the timestamp of my database?

In conclusion, how can I detect that the session has reached its MaxInactiveInterval and I can remove the timestamp?

Thanx and Regards
Dave
0
suprapto45
Asked:
suprapto45
  • 9
  • 4
  • 2
2 Solutions
 
OBCTCommented:
If you have a class that implements the javax.servlet.http.HttpSessionListener interface, then declare this in your web.xml file, you could have the sessionDestroyed(HttpSessionEvent) method make a call to the database and remove the timestamp.
0
 
aozarovCommented:
Or you can bind an object that implements javax.servlet.http.HttpSessionBindingListener to your sesssion
and do the DB operation in the valueBound method.
Didn't I cover those two options with you before ;-)
0
 
suprapto45Author Commented:
Hi aozarov,

I did not do that. I just bind the simple object (JavaBean) to my session. Any idea aozarov?

OBCT > mm...where should I declare the method sessionDestroyed(HttpSessionEvent)?

Regards
Dave
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
suprapto45Author Commented:
Well,

I think I know what am I doing wrong. I just read our last discussion again aozarov and I think that I did not explore that very well. Let me try to modify my Javabean to implement HttpSessionBindingListener.

Then what does it mean by these two methods?

      public void valueBound(HttpSessionBindingEvent arg0)
      {
            // TODO Auto-generated method stub
            
      }

      public void valueUnbound(HttpSessionBindingEvent arg0)
      {
            // TODO Auto-generated method stub
            
      }

Regards
Dave
0
 
OBCTCommented:
In any class that implements the HttpSesssionListener interface.

For example...

public class AppSessionListener implements HttpSessionListener
{
    public void sessionCreated(HttpSessionEvent e) {   }

    public void sessionDestroyed(HttpSessionEvent e)
    {
        // Logic here...
    }
}

And in your web.xml, add:

<listener>
      <listener-class>your.package.AppSessionListener</listener-class>
</listener>
0
 
aozarovCommented:
valueBound -> This will be called onced that bean is added to the session
valueUnbound -> This will be called onced that bean is removed from the session (normally because of session timeout
based on max idle time). This is the method where you want to put your DB removal code.
0
 
suprapto45Author Commented:
Hi OBCT,

One question....

    public void sessionDestroyed(HttpSessionEvent e)
    {
        // Logic here...
    }

What does e used for?

Regards
Dave
0
 
suprapto45Author Commented:
Hi aozarov,

Must it be by bean that implements HttpSessionBindingListener? Can it be any other class? Since the object that I bind to my session is only Javabean. it should not have any business logic to add, edit or delete.

Regards
Dave
0
 
OBCTCommented:
The parameter e is the event that has just occured. It has a few small details about the event such as the event's source (which object fired the event) and a reference to the session that has been changed.
0
 
suprapto45Author Commented:
Okay,

I got it. Thanks OBCT and auzarov, sorry auzarov that I did not explore well.

Another question. is it possible that in the

    public void sessionDestroyed(HttpSessionEvent e)
    {
        // Logic here...
    }

or

     public void valueUnbound(HttpSessionBindingEvent arg0)
     {
          // TODO Auto-generated method stub
         
     }

for me to get some necessary data from my JavaBean in session just before it is invalidated? because to delete the timestamp, I need to have the userid and password to query DB.

Regards
Dave
0
 
suprapto45Author Commented:
Wait..I think that I manage to solve it....1 minute

Regards
Dave
0
 
suprapto45Author Commented:
I found the solution. Thanks OBCT and auzarov.

Regards
Dave
0
 
OBCTCommented:
For any other users that may have this problem in the future, would you mind posting your solution?

:-)
0
 
suprapto45Author Commented:
Absolutely. I will post it in few hours time...lunch time
0
 
suprapto45Author Commented:
Okay. First is that you need to modify your class to implement HttpSessionListener. In this case, my class is Struts action class.

public class LoginAction extends DispatchAction implements HttpSessionListener

Then you need to have two methods within the class that implement HttpSessionListener

      /* (non-Javadoc)
       * @see javax.servlet.http.HttpSessionListener#sessionCreated(javax.servlet.http.HttpSessionEvent)
       */
      public void sessionCreated(HttpSessionEvent arg0)
      {
            // TODO Auto-generated method stub
            System.out.println("Executing login module - sessionCreated");
      }

      /* (non-Javadoc)
       * @see javax.servlet.http.HttpSessionListener#sessionDestroyed(javax.servlet.http.HttpSessionEvent)
       */
      public void sessionDestroyed(HttpSessionEvent arg0)
      {
            System.out.println("Executing login module - sessionDestroyed");
            HttpSession session = arg0.getSession();
            Login login = null;
            
            login = (Login)session.getAttribute(Constant.USER_KEY);
            // TODO Auto-generated method stub
            LoginDao logindao = LoginDao.getInstance();
            
            try
            {            
                  logindao.removeTimeStamp(login.getEmail(), login.getPassword());
            }
            catch(Exception e)
            {
                  e.printStackTrace();
            }
      }

Now see, you can get the session and etc for you to modify on.

regards
Dave
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 9
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now