tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: Tomcats Sessions not getting released
Date Wed, 11 Feb 2009 13:32:54 GMT
Hash: SHA1


On 2/11/2009 12:21 AM, sudip pattanayak wrote:
> Actually our design structure is such that we allow just one session
> for any user.

I understand.

> So when if a user is logged in any other system or he has not logged
> off the previous instance, and then again he tries to login then we
> tell the user that your session is already active, do you want
> forcefully loggoff or not, if he says yes then the the previous
> sessions are identified and we give a call to the normal logoff
> function.

I also understand this. I asked HOW you are accomplishing this. If you
are, for instance, keeping references to all sessions then you are
probably causing those sessions to remain in memory yourself, rather
than Tomcat doing something improper.

So, how do you identify a user's existing sessions? There is no servlet
API method that can do that. There is no servlet API method or set of
methods that allow you to even traverse all active sessions. So, you
must be doing some kind of storage of those sessions yourself. How? Post

> But the problem comes when sometime this forcefull logoff fails. The
> session the user is logged in previously is not released when the
> forcefull logoff is called and therfore the function fails and  the
> subsequent login is not allowed.

How do you attempt to "forcefully logoff" the user? Be specific.

> In the logoff function we call the session ID is identified for the
> previous login of the user and at the same time value unbound is
> called so that the user is releases from the earlier session.

Do you mean you call:


or something like that?

That's not a logout. That's just removing an attribute from the session
("value" became "attribute" nearly 10 years ago, btw).

- -chris
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message