Link to home
Create AccountLog in
Avatar of autoknowledge
autoknowledge

asked on

How to check which existing sessions are valid or invalid

Hello Experts,

In my application i am maintaining collection( In this collection i am maintaining user ID and session ID) of session which are active and deleting those session from the collection which user logs out. Till here it is working fine.
But when user is inactive for a timeslot which is set for invalidating a  session, In my collection these session id's still exists. My concern is how can i check in available collection which session's are valid and which are not.
To accomplish this, I worked with valueUnbound method of HttpSessionBindingListener interface. I tried to get session ID which are going to invalidate. To implement this i am invoking method setDeletedSessionID(String sessionID) from valueUnbound . But the control is not reaching to this method ( setDeletedSessionID() ) there and session get invalidated.

Will u please describe your views in sort of code flow,
Please help me to come out from this problem.
Thanks
Avatar of NHBFighter
NHBFighter

Let me see if I understand correctly.  You created an object that implements the HttpSessionBindingListener interface and then added that object to the users session via something like
    session.setAttribute("listener", new HttpSessionBindingListenerImpl());
And the problem is that when the session becomes invalidated the valueUnbound() method on the HttpSessionBindingListenerImpl isn't firing.  Is that correct?

I would first try to debug the HttpSessionBindingListenerImpl object with logging code like:

public void valueUnbound(HttpSessionBindingEvent event){
      String sessionId=event.getSession().getId();
      logger.debug("The object was removed from the session with ID: "+sessionId);
}

public void valueBound(HttpSessionBindingEvent event) {
      String sessionId=event.getSession().getId();
      logger.debug("The object was added to the session with ID: "+sessionId);
}

This way you can see when the object is being bound and unbound to the session.  

Dave
Avatar of autoknowledge

ASKER

public void valueUnbound(HttpSessionBindingEvent event){
      String sessionId=event.getSession().getId();
setDeletedSessionID(String sessionID)
      logger.debug("The object was removed from the session with ID: "+sessionId);
}
Hi Dave,

I am explaining through code what i am doing exactly and where i m strucking. As you have posted the code. i tried this as well but i did in the following way

line:1 public void valueUnbound(HttpSessionBindingEvent event){
line:2 String sessionId=event.getSession().getId();
line:3
line:4 // This line i am adding extra, to get the session ID which are going to invalidate
line:5       LoginCommand.setDeletedSessionID(String sessionID)  
line:6       logger.debug("The object was removed from the session with ID: "+sessionId);
line:7 }
line:8  // This method in LoginCommand.Java file, Where i am trying to catch session ID
line:9  public void setDeletedSessionID(String sessionID){
line:10  if(gc1.context.getAttribute("destroyedUserSessionTable") != null){
line:11  destroyedUserSessionTable = (ArrayList)gc1.context.getAttribute( "destroyedUserSessionTable");
line:12  }else
line:13  logger.debug(" No session id to delete " ) ;
line:14
line:15  destroyedUserSessionTable.add(sessionID) ;
line:16  logger.debug(" session ID deleted which is  =  " + sessionID) ;
line:17 }
line:18
            But Dave my control is not reaching to method setDeletedSessionID( ) and that session get invalidated.
            Even one more observation, if i am invoking that method from method valueUnbound( ) as in line no 5.
            The line 6 messag is not going to print in logger. If i am commenting out line no.5 then logger contains
            message which we are passing from line no. 6.

            One more thought for my problem :
                    My problem could be solved if i can get available active session ID's maintained by tomcat server. Since
               I am maintaining collection of session id as user makes log In.By comparing i can discard those
            session ID's from my collection which are not active.

Thanks
Ashish
ASKER CERTIFIED SOLUTION
Avatar of NHBFighter
NHBFighter

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer