You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@turbine.apache.org by Chris Shenton <Ch...@hq.nasa.gov> on 2002/02/25 15:59:37 UTC

How to see ALL sessions/users in a webapp? Terminate one?

We're building a service and want to allow the service admin to see
all the users currently logged into it, the ones with authenticated
sessions which haven't timed out yet.  I can't find anything in the
docs that would indicate how to do this, or whether it's even
possible.  Seems like each session (including the application's admin) 
gets their own private session and has no visibility into others.
Perhaps this is part of the basic servlet model, and not a Turbine
issue. 

So is it possible to get a list of all active sessions of a webapp?

If so, would it be possible to mark another session as invalid, so the
user would be effectively "kicked off"? maybe doing something like
"User.setHasLoggedIn(false)" or "RunData.removeUserFromSession()" with
the target user's info? 

Any clues welcomed. Thanks.

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: How to see ALL sessions/users in a webapp? Terminate one?

Posted by Daniel Rall <dl...@finemaltcoding.com>.

Chris Shenton <Ch...@hq.nasa.gov> writes:

> We're building a service and want to allow the service admin to see
> all the users currently logged into it, the ones with authenticated
> sessions which haven't timed out yet.  I can't find anything in the
> docs that would indicate how to do this, or whether it's even
> possible.  Seems like each session (including the application's admin) 
> gets their own private session and has no visibility into others.
> Perhaps this is part of the basic servlet model, and not a Turbine
> issue. 
>
> So is it possible to get a list of all active sessions of a webapp?
>
> If so, would it be possible to mark another session as invalid, so the
> user would be effectively "kicked off"? maybe doing something like
> "User.setHasLoggedIn(false)" or "RunData.removeUserFromSession()" with
> the target user's info? 
>
> Any clues welcomed. Thanks.

The HttpSessionActivationListener provides some methods which may help
you here:

    public void sessionDidActivate(HttpSessionEvent event) 
 
    public void sessionWillPassivate(HttpSessionEvent event) 

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>