tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <craig...@apache.org>
Subject Re: Replacement for HTTPSessionContext!?
Date Fri, 28 Sep 2001 16:12:08 GMT


On Fri, 28 Sep 2001, Marco Schmalz wrote:

> Date: Fri, 28 Sep 2001 15:28:03 +0200
> From: Marco Schmalz <marco@schess.ch>
> Reply-To: tomcat-user@jakarta.apache.org
> To: tomcat-user@jakarta.apache.org
> Subject: Re: Replacement for HTTPSessionContext!?
>
> Just came into my mind...
>
> You should use the WeakReference-Object (from the java.lang.ref package)
> to prevent memorywaste, otherwise the Garbagecollector won't erase the
> timed-out Session objects.
>
> this means:
>
> //when a user logs in:
> WeakReference sessionRef = new WeakReference(request.getSession());
> Set sessions = (Set)getServletContext().getAttribute("myproj.sessions");
> sessions.add(sessionRef);
>
> //when you want to invalidate all sessions:
> Iterator sessionIt =
> ((Set)getServletContext().getAttribute("myproj.sessions")).iterator();
> while(sessionIt.hasNext()) {
> 	WeakReference ref = (WeakReference)sessionIt.next();
> 	if(ref.get() != null) {
> 		HttpSession session = (HttpSession)ref.get();
> 		session.invalidate();
> 	}
> }
>
>
> I never realy worked with the Reference-package, but I think this should
> work.
>

This approach will cause you *lots* of problems later - because the
servlet container might recycle that same session object for some other
session later.  Thus, the references under the old (no longer valid)
session ids will still live in your collection.

If you explicitly add a reference to the session into your collection when
it is created, you must also explicitly remove a reference to that session
when it is destroyed.

> Marco
>

Craig McClanahan


Mime
View raw message