• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Knute Snortum
  • Bear Bibeault
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Piet Souris
  • Ganesh Patekar
Bartenders:
  • Frits Walraven
  • Carey Brown
  • Tim Holloway

Window session problem

 
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The sessions opened through a window are not getting closed when I close the window. If I open the window again, it does automatic login.
How can I close the session when I close the window?
 
Bartender
Posts: 6663
5
MyEclipse IDE Firefox Browser Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You cant. Session dont get invalidated when you close a window. Try logging in to yahoo and then disconnect from the internet. Connect to the internet again and you will still be able to access your inbox because the session on yahoo's servers are still active.

Use invalidate() to invalidate sesison. If you would like them to time out use the setMaxInactiveInterval() or setMaxAge() functions to invalidate them. Use can declaratively define the time out using the session-timeout element.
 
Ranch Hand
Posts: 502
jQuery Spring Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
catch onbeforeunload event on window and make an AJAX call to Servlet or Action class which will invalidate the session.
 
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I guess it has been answered many times in this forum.
Sessions are object created at the server end and they do not travel to the client side.Only the sessionID gets transfered to the client for tracking the reponses from one flow of interaction.In case you close the browser , the session object will still be there till the session timeout interval.
 
(instanceof Sidekick)
Posts: 8791
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hmmm, I'm a bit confused or maybe not. I thought if I closed the browser entirely - all windows in the same process - the browser lost the session ID and a new browser process could not resume using the same session. Is that wrong?
 
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The session id is sent throught cookie. This may be the case that the cookie might be existing even after the closing the web browser.
you can do two things for this --
1- Clear the cookies .
2- if you want your application make in such a way as it does not allow to sign in again automatically. while processing the jsp take the JSESSION_ID cookie and setMaxAge(-10).
In this case cookie will automatically deleted as soon as the browser is closed .

You will get the desired result
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by salil verma:
The session id is sent throught cookie. This may be the case that the cookie might be existing even after the closing the web browser.




Session cookies are not saved at the client end.The only solution to this is onclose of the browser send a AJAX request to a servlet in the server (As suggested by Prabhu V) , which would invalidate the session , but this is also not a good solution as client side scripting sometimes behaves differently. ;-)
 
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I think you can do it without Ajax technique. Do the following...

1. First create a simple JSP where you will check the current session. If session is there, invalidate it and if not do nothing. but the page should be closed on body load like <body on load="window. close()">. The session checking code should be before this body tag. The result JSP some thing like this


2. Then use on unload event in JSPs try to call one javascript function logout()

...

Then see the magic.

Good luck.
Prasad
[ November 29, 2006: Message edited by: Prasad Babu Dandu ]
 
Sheriff
Posts: 10445
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by Stan James:
Hmmm, I'm a bit confused or maybe not. I thought if I closed the browser entirely - all windows in the same process - the browser lost the session ID and a new browser process could not resume using the same session. Is that wrong?



That's my understanding too.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!