tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <>
Subject RE: Tomcat 4.1.18 session objects
Date Tue, 25 Feb 2003 14:16:29 GMT


>Where can I find the changes list from Tomcat 4.0.x to Tomcat 4.1.x.

Download any release of tomcat.  Explode the distribution and you'll see a bunch of release
notes files, one for each labeled release, detailing what's new in that release.

>| For each user session I store the reference| to the session in a Vector
>so that I
>| can tell what users are logged-in, last-accessed-time etc. It was working
>| in Tomcat 4.0.4. But in Tomcat4.1.18 (perhaps due to new specifications)
>| objects are pooled (StandardSessionFactory) and hence the references I
>| am storing in the Vector become useless across the jsp page calls. I have
>| thread that uses this Vector to clean up the users that are timedout but
>| the session refs in my Vector are useless I can do nothing. Instead of
>| storing the refs if I store Session IDs then can I get ref to a session
>| JSP Server so that I can get the attributes I have set in it. Please

Since you only asked for comments... There is no new specification regarding http servlet
sessions from tomcat 4.0 to 4.1.  It's still the servlet spec v2.3.

Your design is vulnerable to any changes in the container session fa├žade implementation.
 Note that the container is not required to provide you with a session list per se.

I don't think using sessions to track who's logged in and last-access-time for resources is
reliable.  But if you want to do it that way, write an HttpSessionListener.  It was created
for these sort of session tracking things.  Move your vector into that listener.  Add a reference
each time a session is created, remove it when a session is destroyed.  Add whatever other
functionality you need to the listener.

Yoav Shapira
Millennium ChemInformatics

This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message