Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Releasing HTTP session state

 
Kelly Dolan
Ranch Hand
Posts: 109
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a servlet that for a given user session stores stuff in its HTTPSession scope. I have a button on my UI that if the user clicks it, I know to release the HTTPSession stuff. I also know that eventually the HTTP session will timeout and at such a time (or later based on the container/servlet implementation) the HTTPSession stuff will be released as well.
I cannot stop a user from closing the browser through the X button or Alt-F4. I also cannot stop a user from leaving my UI site but going to another web page. Is there a way I can catch these events so that I can trigger JavaScript in my HTML UI to make a callback to my servlet so it releases resources right away (i.e., just like the button on the UI described above)???
Any and all help is greatly appreciated!
Kelly
 
Simon Brown
sharp shooter, and author
Ranch Hand
Posts: 1913
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I guess that you could do, but ultimately the user could have JavaScript disabled. You're right though, the session will eventually timeout so freeing up those resources. I'm trying to understand your requirement here ... are you just releasing this state because of the physical (i.e. memory) resources, security reasons or something else?
 
Sonny Gill
Ranch Hand
Posts: 1211
IntelliJ IDE Mac
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I was struggling with that problem a while ago..there doesnt seem to be any sure-shot way..
I remember seeing some javascript code on the net that does this -
1. on unLoad, open a window, using javascript
2. In that window, check the opener property to see if the original window is still open.
If it is open, means the user hasnt closed the browser, something else triggered the onUnload event, do nothing.
If it is closed, call the servlet code to do whatever u want to do
3. Close the new window.
I never tried it throughly, you might want to think along those lines.
and you may find some ideas in this discussion
discussion
 
Kelly Dolan
Ranch Hand
Posts: 109
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In re: to Simon...
1. Assume JavaScript is enabled. My UI code depends on it (and our customers will be informed of the requirement) so if JavaScript is disabled, recognizing the closing of the browser window or navigating to some other site will not be the problem.
2. From a requirements standpoint, I simply want to manage server resourses wisely. There will be many users hitting my server and therefore the memory footprint may be large. If something is no longer needed, I'd like to free the resources when I know they are no longer needed. I can do this if they click my button that says "I'm done" but I cannot prevent them from simply closing the browser window or navigating to another site.
Thanks to everyone for their feedback!
Kelly
 
Arnie Stillman
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I use the "session" variable of the HttpSession object to do just this. Call
session.invalidate() to release all objects bound to the session. I do it with an "Exit" button, but you can just as easily call a jsp page with onunload="invalidate.jsp" in the body tag.
My invalidate.jsp simply contains:
<%
session.invalidate();
%>
 
tan kong sang
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i using the
session.invalidate();
to logout from the page. but it seems like it doesn't work...
can someone help me???
here is the code...

<%@ page contentType="text/html" %>
<%@ page session="true" %>
<html>
<head>
<title>Logout </title>
</head>

<body>
<%
session.invalidate();
%>

</body>
</html>
 
Sripathi Krishnamurthy
Ranch Hand
Posts: 232
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
try request.getSession().invalidate()
 
Mark Poll
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
<HEAD>
<SCRIPT FOR=window EVENT=onunload>
alert("Bye!!!");
</SCRIPT>
</HEAD>
<BODY>
</BODY>
 
D Rog
Ranch Hand
Posts: 472
Linux Objective C Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Using javascript can leave certain percentage of session data not cleaned, since a browser can be crashed, frozen, or left unattendent. You can put in session timer objects which will free some session data after some time. I assume that you need to keep session valid for much longer time.
 
James Carman
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by D Rog:
Using javascript can leave certain percentage of session data not cleaned, since a browser can be crashed, frozen, or left unattendent. You can put in session timer objects which will free some session data after some time. I assume that you need to keep session valid for much longer time.


Why wouldn't you just use the built-in session timeout support?
 
D Rog
Ranch Hand
Posts: 472
Linux Objective C Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A good suggestion, here are few examples where I can't use session time-out:
1. wizards, it assumes using several screens, of course it's better solution to keep state of wizard in hidden fields, but sometime session is more preferable. So, if user left wizard and continue working on other screens, wizard state remains in session.
2. work in single sign on environment, Siteminder agent manages user logins and requires to have no time out for sessions.
3. Some other examples you can give me from your experience.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic