tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Radek Liebzeit" <rl...@centrum.cz>
Subject RE: list active sessions.
Date Wed, 23 Jun 2004 05:51:08 GMT
Really nice.

I am just wondering about one thing - about "persistent sessions". I
have a session counter based on the SessionListeners. It is increased
when some session is created and decreased when the session is
destroyed. So, when I restart the Tomcat server some sessions are
recreated but counter state doesn't. Therefore, after session timeout,
the counter status is negative. 

It's not problem for me, it is enough for my purposes. I am just
wondering how do you solve this behaviour?

Radek


> -----Original Message-----
> From: Frank Zammetti [mailto:fzammett@hotmail.com]
> Sent: Monday, June 21, 2004 3:45 PM
> To: tomcat-user@jakarta.apache.org
> Subject: RE: list active sessions.
> 
> I spent a couple of days last week implementing just such a thing, so
I
> feel
> qualified to answer :)
> 
> There is no easy way to do it.  There USED to be a SessionContext
object
> available in the servlet spec that would allow you to do a lot of cool
> things with sessions, but it was removed as of spec 2.1 I think
because
> Sun
> believed it to be a security risk.  Unfortunately there was nothing
added
> to
> take it's place.
> 
> The way you have to do this, or at least one way (the only way I
found) is
> to track it yourself.
> 
> First, I already had an AppConfig object that contains a static
HashMap.
> This has a bunch of config values for my app loaded from a config file
at
> startup.  I then added an activeSessions HashMap to that class.
Create a
> similar class for yourself, along the lines of the following:
> 
> import java.util.HashMap;
> public class AppConfig {
>   private static HashMap activeUsers = null;
>   public static HashMap activeUsers() {
>     return activeUsers;
>   }
>   public static void setActiveUsers(HashMap inActiveUsers) {
>     activeUsers = inActiveUsers;
>   }
> }
> 
> Then, create a SessionListener something like the following:
> 
> package com.mycompany.myapp;
> import java.util.HashMap;
> import javax.servlet.http.HttpSession;
> import javax.servlet.http.HttpSessionEvent;
> import javax.servlet.http.HttpSessionListener;
> public class SessionListener implements HttpSessionListener {
>   public void sessionCreated(HttpSessionEvent se) {
>     HashMap activeUsers = (HashMap)AppConfig.getActiveUsers();
>     synchronized (activeUsers) {
>       activeUsers.put(se.getSession().getId(), new HashMap());
>     }
>   }
>   public void sessionDestroyed(HttpSessionEvent se) {
>     HashMap activeUsers = (HashMap)AppConfig.getActiveUsers();
>     synchronized (appConfig) {
>       activeUsers.remove(se.getSession().getId());
>     }
>   }
> }
> 
> Then just add the following to web.xml after your <servlet> section:
> 
>   <listener>
>
<listener-class>com.mycompany.myapp.SessionListener</listener-class>
>   </listener>
> 
> Basically, every time a session is created, you'll get an entry in the
> activeUsers HashMap keyed by sessionID, and the record will be removed
> when
> the session is destroyed.  Further, what I do is that when my logon
Action
> is called, when the user is validated I add some information for that
user
> into the HashMap (first name, last name, logon time, etc).  This
allows me
> to have a pretty nice little tracking display in my app.
> 
> The one problem you run into with this is that if the user just closes
the
> browser window rather than using your nice logout function, the
session
> lingers until the timeout period elapses.  I didn't like that!  My app
is
> frames-based, and I already had one hidden frame, so I added the
following
> to the <body> tag of that frame's source document:
> 
> onUnload="openLogoffPopup();"
> 
> ... and then the openLogoffPopup() function:
> 
>   function openLogoffPopup() {
>     windowHandle = window.open("", "",
"width=200,height=1,top=1,left=1");
>     str =  "<" + "html><" + "head><" + "title><" + "/title><"
+
"/head>";
>     str += "<" + "body
> onLoad=\"window.location='<%=request.getContextPath()
> + "/app/logoff.app"%>';\">";
>     str += "<" + "table width=\"100%\" height=\"100%\" border=\"0\">";
>     str += "<" + "tr><" + "td align=\"center\" valign=\"middle\">";
>     str += "<" + "span
> style=\"color:#000000;font-family:arial;font-size:11pt;font-
> weight:bold;\">";
>     str += "Logging out of application...<" + "/span";
>     str += "<" + "/td><" + "/tr>";
>     str += "<" + "/table>";
>     str += "<" + "/body><" + "/html>";
>     windowHandle.document.write(str);
>     windowHandle.document.close();
>   }
> 
> That calls the logoff Action whcih does not much more than
> session.invalidate().  This works well in IE, I do not know if it is
> cross-browser though (not a concern for my company).  It should work
fine
> to
> add this to all your JSP's, assuming your app isn't frame-based, I
think
> it'll work just the same.  But, maybe you can live with the session
> lingering if the window is closed anyway.  It's probably not a big
concern
> if the timeout period is short enough, but you need to recognize that
you
> may see more than one session per user for a few minutes if they log
on
> again.
> 
> Hope that helps!
> 
> Frank
> 
> 
> >From: Alex <alex@squigly.net>
> >Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
> >To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> >Subject: list active sessions.
> >Date: Mon, 21 Jun 2004 08:52:42 -0400 (EDT)
> >
> >
> >Is there a way to list all sessions which are currently active for
the
> >webapp which would be calling for such a list?
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> 
> _________________________________________________________________
> Is your PC infected? Get a FREE online computer virus scan from
McAfeeR
> Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message