Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1454
  • Last Modified:

how to kill sessions via webapp when using mod_jk cluster

Our webapp currently runs on Tomcat 5.5 w/ Apache webserver.    Our sysadmin has setup two tomcat instances (A & B) to enable us to do updates to one instance while the other takes over all the traffic.

We have a custom developed sessions admin screen which allows us to view current sessions, the accounts linked to those sessions and do actions such as kill the session if needed.  This works simply enough when there is only one instance of Tomcat, hence only one application-level hash of sessions.

We want to write a new version of the admin screen which will show all sessions from both instances of Tomcat and also allow us to kill a particular session, regardless of which Tomcat instance it is running.  How does one do this?

Note: While references to sessions are currently stored within a app-scoped variable we will be storing the session ID's in a database.  So we will have a single place to enumerate all existing sessions regardless of Tomcat instance.  The problem is how to know which Tomcat instance a particular session is running upon and how to make the call to kill the session on that instance.
0
stevelopez
Asked:
stevelopez
  • 2
  • 2
1 Solution
 
stevelopezAuthor Commented:
This may be more difficult than I expected;  raising the point value...
0
 
rrzCommented:
>We have a custom developed sessions admin screen
Is this a java program within the Tomcat ?  
>we will be storing the session ID's in a database.  
I guess you could also store the name of the instance as well.
You could use a Map. Something like
  map.put(sessionId, "A"); or  map.put(sessionId, "B");
You could use a HttpSessionListener  in each instance of Tomcat that could(in its sessionCreated  method) add each session id to an application-scoped set  and send the id and its instance name to the database.
Each Tomcat could have a servlet that could invalidate a session when it receives a request to do so  from the admin.    
If need help with the code, then just ask us here.

0
 
stevelopezAuthor Commented:
yes, the current admin feature is written as servlet/JSP and runs within Tomcat.

How do you identify (from within Java) which Tomcat instance a session is running. If that can be done than I think your suggestion would work, once coupled with a listener that would respond to some admin-initiated trigger to kill the session.
0
 
rrzCommented:
>We want to write a new version of the admin screen which will show all sessions from both instances of Tomcat
Will there be multiple apps (contexts) in each Tomcat ? Do you want to include all sessions in all apps ?  If yes, then you can set up your context with the attribute  crossContext="true"  Look at  
http://tomcat.apache.org/tomcat-6.0-doc/config/context.html   
The other instance will have to make a request ( using a java.net.HttpURLConnection object or a JSTL import tag) to a servlet or a JSP in the first instance.

>How do you identify (from within Java) which Tomcat instance a session is running.  
By java you mean to say some utility class or javabean ? Look at my last comment at
http://www.experts-exchange.com/Programming/Languages/Java/Q_24490440.html 

I might have time tomorrow to help you with code.  I will online early morning and in the evening.  Below is a start.
public class SessionListener implements HttpSessionListener {
  HashMap sessionMap = null;
  ServletContext application = null;
  public void sessionCreated(HttpSessionEvent event) {
             HttpSession session = event.getSession();
             if(application == null)application = session.getServletContext();
             sessionMap = (HashMap)application.getAttribute("sessionMap");
             if(sessionMap == null){
                        application.setAttribute("sessionMap",new HashMap());  
                        sessionMap = (HashMap)application.getAttribute("sessionMap");
             }
             sessionMap.put(session.getId(),"homeInstance"); 
             //the other remote instance will a make request to a JSP that will put entry.                    
  }
  public void sessionDestroyed(HttpSessionEvent event) {
                                       sessionMap.remove(event.getSession().getId());
  }
}

Open in new window

0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now