• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Help on HttpSessionListener

 
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a class that implements HttpSessionListener and Filter. All it is used for is to check if the session is still active when a request is made. For some reason, the first time I boot the app, the listener catches a session destroyed event, even though all I did was call a servlet that has request.getSession() in it. Any ideas why the Listener thinks a session is destroyed ?
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I have a class that implements HttpSessionListener and Filter.


Why?

The two concepts seem to be mutually exclusive to me. Do you have any reason to combine the two?
[ January 26, 2005: Message edited by: Ben Souther ]
 
Brian Quinn
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


The filter idea was to respond to any requests so the app knew the listener had flipped the flag telling me the app session died. My problem is now that if user 1 has session die, but doesn't click anywhere, user 2's session will start dead. Any ideas how I can handle this ?
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I would start by separating the two.

Create a filter class and a listener class.
Also the use of this instance variable is not thread safe:
boolean isDestroyed = false;
 
Brian Quinn
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ben
Is there a better way to track session timeout ? The idea is that if a user clicks on a page and the session is dead - go back to the main page. We thought this was the best solution, but since the listener is only instantiated once, if a session times out for any user, it times out for all users - which is not correct. Is there a better way to implement this solution ?
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This is how I'm doing it:
I'm using programatic security instead of the declarative options available with Tomcat and/or other servers.

When a user logs in, I get some of their user information from the database and put it in a bean (called userBean) and bind that to the user's session.

All the other pages go through a filter that makes sure that a userBean exists in this user's session. If it's missing (null), I forward the user to the login page. Otherwise, the request continues to it's intended destination.
[ January 27, 2005: Message edited by: Ben Souther ]
 
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Ben Souther:
This is how I'm doing it:
I'm using programatic security instead of the declarative options available with Tomcat and/or other servers.

When a user logs in, I get some of their user information from the database and put it in a bean (called userBean) and bind that to the user's session.

All the other pages go through a filter that makes sure that a userBean exists in this user's session. If it's missing (null), I forward the user to the login page. Otherwise, the request continues to it's intended destination.



Same here.
 
If you look closely at this tiny ad, you will see five bicycles and a naked woman:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic