Search...
FAQs Subscribe
Pie
FAQs
Recent topics Flagged topics Hot topics Best topics
Search...
Search within OCPJWCD Search Coderanch
Advance search Google search
Register / Login
permaculture playing cards
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
meaningless drivel book review grid building better world book advertise on coderanch thread boost
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Ron McLeod
  • paul wheaton
  • Jeanne Boyarsky
Sheriffs:
  • Paul Clapham
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
  • Himai Minh
Bartenders:

session invalidation of an active user

 
saxena Amit
Greenhorn
Posts: 5
posted 19 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
In multiuser environment suppose a user close the browser
then his/her session is still active till session timeout.
Before session timeout if s/he wants to
login again,i want to invalidate his/her earlier session
hows that possible ?
 
sawan parihar
Ranch Hand
Posts: 250
posted 19 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator

In multiuser environment suppose a user close the browser
then his/her session is still active till session timeout.
Before session timeout if s/he wants to
login again,i want to invalidate his/her earlier session
hows that possible ?



How are you handing the session by URL rewriting or by cookies.

Sawan<br />SCJP,SCWCD,SCBCD<br /> <br />Every exit is an entry somewhere.

 
Anand Wadhwani
Ranch Hand
Posts: 151
posted 19 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hi Amit,

You must have a method where you are validating user login, e.g. method is boolean validateUser(request,response)

In this method you can have following code to invalidate the existing session and create new one:


Hope this helps.

SCWCD 1.4<br />---------------------<br />Ability is what you're capable of. <br />Motivation determines what you do. <br />Attitude determines how well you do it.<br />---------------------

 
AmitKumar Jain
Ranch Hand
Posts: 95
posted 19 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
***********
In multiuser environment suppose a user close the browser
then his/her session is still active till session timeout.
***********
As far as my knowledge is concerned, session ends once the browser is closed.. (it does not matter if cookies or URL re-writing is used)...
unless the user has opened a new browser from the earlier page.

I don't understand how the session would remain active even when browser window is closed?

SCJP 1.4 : 91%
SCWCD 1.4 : 95%
SCBCD 1.3 : 95%
SCJP 6 Upgrade : 95%
Next SCBCD 1.5
Man is not finished when he is defeated. He is finished when he quits.

 
Anand Wadhwani
Ranch Hand
Posts: 151
posted 19 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hi Amit J,

There is no way for container to know if a perticular client has closed his browser, therefore his session object would still remain valid until session timeout occurs for that session object.

Amit S,

I am sorry abouot mentioning cookie for of auth-token, of course custom-cookie based session would automatically invalidated once browser is closed. Again depends on type of cookie, if cookie is persistent cookie then reopening the browser will send the persistent cookie (if alive) again and server will identify the session!

SCWCD 1.4<br />---------------------<br />Ability is what you're capable of. <br />Motivation determines what you do. <br />Attitude determines how well you do it.<br />---------------------

 
sawan parihar
Ranch Hand
Posts: 250
posted 19 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator

As far as my knowledge is concerned, session ends once the browser is closed.. (it does not matter if cookies or URL re-writing is used)...
unless the user has opened a new browser from the earlier page.



This is wrong. Session ends when you explicitly invalidate it or it times out. Closing the browser won't end the session.

Hey saxena Amit : I would like to know that why you want to do something like this. I mean I am just curious is it some requirement or something else.

[ June 26, 2005: Message edited by: sawan parihar ]

Sawan<br />SCJP,SCWCD,SCBCD<br /> <br />Every exit is an entry somewhere.

 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
reply
    Bookmark Topic Watch Topic
  • New Topic
Boost this thread!
Similar Threads
More...