tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fu-Tung Cheng <>
Subject Invalidating a session when a user logs in
Date Tue, 22 Jul 2008 16:01:21 GMT

When a user logs into the system he is given a session.  If that same user logs into the system
he is given another session - if the browser is different such that there is no cookie collision.

In this case I'd like to invalidate the original session on login.  

How can I accomplish this?

My first thoughts were to stored the sessionId with the username which I could then lookup
on login and if a session exist invalidate it.  Unfortunately the getSessionById seems to
have been deprecated in the api.  

Is my only option to store the session in with my user object?




To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message