Not sure if I understand what you're trying to do -- or from where you'd like to invalidate a session using only the session ID.... You can only invalidate a session if you have hold of its session object, and you can only get hold of the session object by calling request.getSession() or request.getSession(boolean), the Servlet 2.2 and 2.3 spec do not allow you to look up a session from the sessionID. You would then call session.invalidate() to invalidate the current session. ------------------ - Jessica Bradley HP Bluestone
Hi thnx for replying. yeah thts wht i figured out too actualy i was keeping the session's track using their Id. now something new came up and i found out tht i might have to invalidate a session even b4 it times out in some cases. so i was wondering if there is a way to do so with its session Id. i know there was sessionContext earlier (which has been depricated now) by which it could be done. but not any more. rgds
Hi syed, Did you come across any solution for invalidating the session with session id. I too have a similar problem. I am trying to restrict my user to log in twice form different places and use the the application. When the user logs in for the first time, I am allowing him to use the applicaiton or browse the pages. If this user logs in to application from another place/browser at that time, I will catch and send a message that: "You are already logged in". Now I am asking him to work at the place where he logged in first time. But I want to provide a option that upon user request from the second place, I would like to invalidate his session at the first place. It will be similar to what they do in Yahoo/MSN messneger when you log in for the second time. Hope you have got an idea about this. Please update me if you have any good idea to solve this problem....?
hi well acutaly i've implemented a singleton for my application which keeps track of the users and their respective sessions. and if a user who has already loged in , logs in again i invalidate the session. i coudlnt find anything to invalidate session using the SessionID so i ahve to keep the session;s reference. and invalidate it if a user re-login b4 his/her session expires. hope this helps lets roll.
I didn't do it. You can't prove it. Nobody saw me. The sheep are lying! This tiny ad is my witness!