Win a copy of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

Session in Servlets.....Interesting  RSS feed

Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Suppose a user logs in in a system(machine 1) i create a HttpSession and allow him to go thru the site.Suppose he logs in again in another system then also he should be allowed to login.But the session which he had first(machine 1) should get expired.Hez no more authenticated in machine 1.This is the thing that i am in need of.Explain me how this can be done.I am not using beans for this.All i do is with HttpSession alone.
Posts: 19728
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The servlet session object is tied to a particular Java Virtual Machine - even on the same computer, a different instance of a server will be using different session objects.
This is a real problem for people running clustered servers, and they look to their vendors for specific solutions.
If you are actually running distinct servers (not just cluster clones), you'd have even more of a problem. To handle this, you need to be able to reference a common object such as a database -- preferably something with low overhead, since you'll be querying and possibly updating it for every HTTP request.
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As stated the session is not specific to a user, but to the browser. First of all, you need to consider what is realistic and what situations you really need to handle. Personally, if I were logged via two browsers to the same web app, I would *not* expect to be sharing the same session.
However, if you really want the behavior you stated, you may be able to implement this behavior you described by doing the following ...
1. Keep a hashtable of logged in users in the servlet context (application-scope) with a reference to that user's HttpSession
2. When a user logs in, see if there is an entry in the hashtable
3. If not, create one, placing a reference to the session in the hashtable keyed on the user id
4. If there is an entry, invalidate the session referred to by the entry, then create the new entry as in (3)
5. Also, you will need to clean up the hashtable when either a user logs off or the session is invalidated by the container ... the Servlet 2.3 spec contains lifecycle events that can be used for this.
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!