• Post Reply Bookmark Topic Watch Topic
  • New Topic

How to invalidate session on the basis of session ID in servlet

 
Prabhat Shankar
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How to invalidate session on the basis of session ID in servlet.
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You either need to track sessions yourself - a session listener will help - or write your own session manager.
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm not sure I understand when you want to invalidate the session:

1. During processing of a request from the user?
2. After a period of inactivity by the user?
3. Independent of what the user is doing?

If 1 or 2 - the servlet API will take care of it
If 3 then as David said you will have to track sessions yourself - this opens up a whole can of worms because the servlet container will also be trying to manage the session objects, so be careful.

Bill
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65530
108
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Why would you want to be doing something so very odd and unusual?
 
Hebert Coelho
Ranch Hand
Posts: 754
Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you trying to find like "session server pool"? To do like "getSessionByID(1).invalidate()"?

You may invalidate the session by getting it from a request...
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The original servlet API let you get at sessions directly - see javax.servlet.http.HttpSessionContext for example

However it was realised that letting other threads play with sessions like that created a security risk. Thats why the session listeners were created.

Bill
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!