tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Filip Hanik" <Filip.Ha...@evant.com>
Subject RE: Tomcat 4.1.18 session objects
Date Wed, 26 Feb 2003 00:13:57 GMT
you are right,it is totally doable. just remember to clean up yourself when the session expires.

Filip

-----Original Message-----
From: Greg Speechley [mailto:greg@learnedsolutions.com]
Sent: Tuesday, February 25, 2003 4:09 PM
To: Tomcat Users List
Subject: RE: Tomcat 4.1.18 session objects


I realise that sessions are for user tracking, etc but I wanted to know why
it was suggested that it was a bad idea to store them in a vector so that
you would have access to a list of users who are currently logged in (have
valid sessions). As I understand it Tomcat doesn't give you the ability to
access such a list so you would have to store it yourself. Why would this be
unreliable?

Greg

-----Original Message-----
From: Filip Hanik [mailto:Filip.Hanik@evant.com]
Sent: Wednesday, 26 February 2003 10:29 AM
To: Tomcat Users List
Subject: RE: Tomcat 4.1.18 session objects


sessions are designed exactly for that, tracking users.

tomcat stores them for you, all you need is to store your user object in the
session.

Filip

-----Original Message-----
From: Greg Speechley [mailto:greg@learnedsolutions.com]
Sent: Tuesday, February 25, 2003 3:54 PM
To: Tomcat Users List
Subject: RE: Tomcat 4.1.18 session objects


Hi Yoav,

I was wondering why using sessions is unreliable for tracking users who are
logged in, getting last accessed time, etc? I would have thought that
storing all the current sessions in a Vector (or some other data structure)
with a User object (storing all their relevant info) bound to each session
would work well. What alternative would you suggest because the situation
described by R.C.Nougain sounds very similar to what we have where I work.

Cheers
Greg Speechley

-----Original Message-----
From: Shapira, Yoav [mailto:Yoav.Shapira@mpi.com]
Sent: Wednesday, 26 February 2003 12:46 AM
To: Tomcat Users List
Subject: RE: Tomcat 4.1.18 session objects



Howdy,

>Where can I find the changes list from Tomcat 4.0.x to Tomcat 4.1.x.

Download any release of tomcat.  Explode the distribution and you'll see a
bunch of release notes files, one for each labeled release, detailing what's
new in that release.

>| For each user session I store the reference| to the session in a Vector
>so that I
>| can tell what users are logged-in, last-accessed-time etc. It was working
>fine
>| in Tomcat 4.0.4. But in Tomcat4.1.18 (perhaps due to new specifications)
>session
>| objects are pooled (StandardSessionFactory) and hence the references I
>| am storing in the Vector become useless across the jsp page calls. I have
>a
>| thread that uses this Vector to clean up the users that are timedout but
>since
>| the session refs in my Vector are useless I can do nothing. Instead of
>| storing the refs if I store Session IDs then can I get ref to a session
>from
>| JSP Server so that I can get the attributes I have set in it. Please
>comment.

Since you only asked for comments... There is no new specification regarding
http servlet sessions from tomcat 4.0 to 4.1.  It's still the servlet spec
v2.3.

Your design is vulnerable to any changes in the container session fa├žade
implementation.  Note that the container is not required to provide you with
a session list per se.

I don't think using sessions to track who's logged in and last-access-time
for resources is reliable.  But if you want to do it that way, write an
HttpSessionListener.  It was created for these sort of session tracking
things.  Move your vector into that listener.  Add a reference each time a
session is created, remove it when a session is destroyed.  Add whatever
other functionality you need to the listener.

Yoav Shapira
Millennium ChemInformatics



This e-mail, including any attachments, is a confidential business
communication, and may contain information that is confidential, proprietary
and/or privileged.  This e-mail is intended only for the individual(s) to
whom it is addressed, and may not be saved, copied, printed, disclosed or
used by anyone else.  If you are not the(an) intended recipient, please
immediately delete this e-mail from your computer system and notify the
sender.  Thank you.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message