RE: The right place/time to clean up a session before session tim e out, or user logoff

["Miller, Jason" <jm...@ostglobal.com>]

I have a object representing a user that acts as a proxy into my
security framework that implements HttpSessionBindingListener, 
and the valueUnbound method calls my logout logic, which includes
removing the user from the set of currently logged in users, as well as
DB updates and some other little things.

The user's explicit logout action just has to invalidate the session in
this scenario.

HTH 
Jason

_______________________________________________________________


In order to keep track of who is online, I need to keep a list of on line
users. When a user sign in, which can have more 
than one routes, an account information object is created. The class
implements the HttpSessionBindingListener 
interface. The user id is added into the list in the valueBound method. 

I would like to have a single one place to remove the user id from the list
when user sign out, or session time out. The 
valueUnbound method is not a good place since the session is invalidated
already when the invalidate method is 
called. The sessionDestroyed method of the HttpSessionListener interface
isn't a right place neither.

Any suggestions?

Re: RE: The right place/time to clean up a session before session tim e out, or user logoff

[Vernon Wu <ve...@gatewaytech.com>]

I have tried something similar with yours: a object stored in the session and with a HttpSessionBindingListener 
implementation. When the invalidate method is called in the logoff action, it is too late for the valueUnbound method to 
retrieve anything from the session since it is invalid already.

9/23/2002 2:56:58 PM, "Miller, Jason" <jm...@ostglobal.com> wrote:





--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>