Destroy Session after closing the browser

Hello,
After a user has logged in , a session is started (in java based application)
The session is destroyed after user clicked :Log out
when the user forgets to logout and closes the browser immediately, the session still exists because when the user oepn the browser again and comes back to the site he/she is still logged in.

I want the session to be destroyed when the user closes the browser immediately.

Is there a way to destroy a session. ( I have seen ,when you open any banking website and
close the browser ,it  immediately logout from that session)

Best Regards
LOVINSINGHAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

LOVINSINGHAuthor Commented:
I need your help urgent. thanks in advance
0
selvolCommented:
http://mibew.org/forums/index.php?topic=383.0





<script type="text/javascript" language="javascript" src="${webimroot}/js/jquery.js"> </script>

.............................................

<script type="text/javascript">

jQuery(window).unload(function(){
	jQuery("a.closethread").trigger("click");
});

</script>

Open in new window

0
Sathish David Kumar NArchitectCommented:
use HttpSessionListener
0
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

siddagrlCommented:
>> I want the session to be destroyed when the user closes the browser immediately.
This could be done (using the following code), but not advised as it is not reliable (and foolproof too) and does not work on all browsers!

You also need to take care whether to send the log out info to server or not because this will be called every time the form gets unloaded (back, next, refresh etc)
    This situation could be handled by taking a javascript variable (say var isLogout = true;) keeping default as true and setting it to false everytime if user navigates away from the page manually.

=======
<script language="javascript">
// call the following on "onload"
function logOutAndSleep()
{
   if (isLogout == "true")
   {
   delay = 2000; // mili-seconds

   // send log out info to server here.

   // keep browser busy till it sends the above info "asynchronously"
   // otherwise browser will exit immediately
   var start = new Date().getTime();
   while (new Date().getTime() < start + delay);
   }
}
=======

>> I have seen ,when you open any banking website and close the browser, it  immediately logout from that session
No, it does not immediately logs out, instead it ensures not to use the existing session information if user logs in again.


Instead I would advice you to generate a different unique ID (in javascript) for each request and send to server. and if user presses back / refresh button, you will get the same ID as in previous one and logs out the user immediately.

Similarly if user does not explicitly, closes the window, and open your site again, then the browser will not send the unique ID and you can deduce that it is a fresh request (and you can log out the user)

See the following also for more info:
http://stackoverflow.com/questions/665399
0
siddagrlCommented:
Read my second last paragraph as follows:

Similarly if user does not explicitly, closes the window, and open your site again, then the browser will not send the unique ID and you can deduce that it is a fresh request (then destroy the current session if present and show the login page to user)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
LOVINSINGHAuthor Commented:
thanks
0
siddagrlCommented:
if you use jQuery then you might want to try setting the async to "false" when sending the request (using ajax function) to server on unload!

See the following for more info.
http://stackoverflow.com/questions/1821625/ajax-request-with-jquery-on-page-unload
$(window).unload(function() {
        $.ajax({
            url: window.location.href,
            async: false,
            cache: false,
            type: "POST",
            data: {"logout", true}
        });
});

Open in new window

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java EE

From novice to tech pro — start learning today.