We help IT Professionals succeed at work.

how to kill sessions via webapp when using mod_jk cluster

stevelopez
stevelopez asked
on
Medium Priority
1,552 Views
Last Modified: 2013-12-02
Our webapp currently runs on Tomcat 5.5 w/ Apache webserver.    Our sysadmin has setup two tomcat instances (A & B) to enable us to do updates to one instance while the other takes over all the traffic.

We have a custom developed sessions admin screen which allows us to view current sessions, the accounts linked to those sessions and do actions such as kill the session if needed.  This works simply enough when there is only one instance of Tomcat, hence only one application-level hash of sessions.

We want to write a new version of the admin screen which will show all sessions from both instances of Tomcat and also allow us to kill a particular session, regardless of which Tomcat instance it is running.  How does one do this?

Note: While references to sessions are currently stored within a app-scoped variable we will be storing the session ID's in a database.  So we will have a single place to enumerate all existing sessions regardless of Tomcat instance.  The problem is how to know which Tomcat instance a particular session is running upon and how to make the call to kill the session on that instance.
Comment
Watch Question

Author

Commented:
This may be more difficult than I expected;  raising the point value...
rrzstudent
CERTIFIED EXPERT

Commented:
>We have a custom developed sessions admin screen
Is this a java program within the Tomcat ?  
>we will be storing the session ID's in a database.  
I guess you could also store the name of the instance as well.
You could use a Map. Something like
  map.put(sessionId, "A"); or  map.put(sessionId, "B");
You could use a HttpSessionListener  in each instance of Tomcat that could(in its sessionCreated  method) add each session id to an application-scoped set  and send the id and its instance name to the database.
Each Tomcat could have a servlet that could invalidate a session when it receives a request to do so  from the admin.    
If need help with the code, then just ask us here.

Author

Commented:
yes, the current admin feature is written as servlet/JSP and runs within Tomcat.

How do you identify (from within Java) which Tomcat instance a session is running. If that can be done than I think your suggestion would work, once coupled with a listener that would respond to some admin-initiated trigger to kill the session.
student
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.