how to kill sessions via webapp when using mod_jk cluster

Our webapp currently runs on Tomcat 5.5 w/ Apache webserver.    Our sysadmin has setup two tomcat instances (A & B) to enable us to do updates to one instance while the other takes over all the traffic.

We have a custom developed sessions admin screen which allows us to view current sessions, the accounts linked to those sessions and do actions such as kill the session if needed.  This works simply enough when there is only one instance of Tomcat, hence only one application-level hash of sessions.

We want to write a new version of the admin screen which will show all sessions from both instances of Tomcat and also allow us to kill a particular session, regardless of which Tomcat instance it is running.  How does one do this?

Note: While references to sessions are currently stored within a app-scoped variable we will be storing the session ID's in a database.  So we will have a single place to enumerate all existing sessions regardless of Tomcat instance.  The problem is how to know which Tomcat instance a particular session is running upon and how to make the call to kill the session on that instance.
stevelopezAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

stevelopezAuthor Commented:
This may be more difficult than I expected;  raising the point value...
0
rrzCommented:
>We have a custom developed sessions admin screen
Is this a java program within the Tomcat ?  
>we will be storing the session ID's in a database.  
I guess you could also store the name of the instance as well.
You could use a Map. Something like
  map.put(sessionId, "A"); or  map.put(sessionId, "B");
You could use a HttpSessionListener  in each instance of Tomcat that could(in its sessionCreated  method) add each session id to an application-scoped set  and send the id and its instance name to the database.
Each Tomcat could have a servlet that could invalidate a session when it receives a request to do so  from the admin.    
If need help with the code, then just ask us here.

0
stevelopezAuthor Commented:
yes, the current admin feature is written as servlet/JSP and runs within Tomcat.

How do you identify (from within Java) which Tomcat instance a session is running. If that can be done than I think your suggestion would work, once coupled with a listener that would respond to some admin-initiated trigger to kill the session.
0
rrzCommented:
>We want to write a new version of the admin screen which will show all sessions from both instances of Tomcat
Will there be multiple apps (contexts) in each Tomcat ? Do you want to include all sessions in all apps ?  If yes, then you can set up your context with the attribute  crossContext="true"  Look at  
http://tomcat.apache.org/tomcat-6.0-doc/config/context.html   
The other instance will have to make a request ( using a java.net.HttpURLConnection object or a JSTL import tag) to a servlet or a JSP in the first instance.

>How do you identify (from within Java) which Tomcat instance a session is running.  
By java you mean to say some utility class or javabean ? Look at my last comment at
http://www.experts-exchange.com/Programming/Languages/Java/Q_24490440.html 

I might have time tomorrow to help you with code.  I will online early morning and in the evening.  Below is a start.
public class SessionListener implements HttpSessionListener {
  HashMap sessionMap = null;
  ServletContext application = null;
  public void sessionCreated(HttpSessionEvent event) {
             HttpSession session = event.getSession();
             if(application == null)application = session.getServletContext();
             sessionMap = (HashMap)application.getAttribute("sessionMap");
             if(sessionMap == null){
                        application.setAttribute("sessionMap",new HashMap());  
                        sessionMap = (HashMap)application.getAttribute("sessionMap");
             }
             sessionMap.put(session.getId(),"homeInstance"); 
             //the other remote instance will a make request to a JSP that will put entry.                    
  }
  public void sessionDestroyed(HttpSessionEvent event) {
                                       sessionMap.remove(event.getSession().getId());
  }
}

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java App Servers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.