• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

How to catch when the Session times out in Tomcat

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In order to ensure the only each user only has one session open at a time, we're doing the following:
1. When the user tries to log in, we check to see if the user's id is in the active_session table in our database. If it is not, the user is allowed to log in. If it is, the user is prohibited from logging in.
2. When the user logs in, the user's id is put in the active_session table in our database.
3. When the user logs out, the user's id is removed from the active_session table in our database.
My question is, how can we know to update the active_session table (i.e., remove the user id) when the user's session times out? I did not see any documentation of this in the Servlet spec, or in Tomcat's docs.
Thanks for any help,
Adena
 
Author and all-around good cowpoke
Posts: 13078
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What you are looking for is in the javax.servlet.http package, the HttpSessionBindingListener interface.
Just add an object implementing this interface to each session, when the session times out, or is invalidated directly, the object gets a call to the method:
public void valueUnbound( HttpSessionBindingEvent e)
where the event includes a reference to the session being destroyed.
Bill
------------------
author of:
 
Thank you my well lotioned goddess! Here, have my favorite tiny ad!
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic