You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by David Kerber <dc...@verizon.net> on 2006/02/09 15:37:42 UTC
Logging session timeouts
Is there any way of trapping session timeouts, so I can log them? I am
logging when a user logs in and when they explicitly log out, but would
like to log when their session times out, if that is possible.
TIA!
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Joey Geiger <jo...@staff.onmilwaukee.com>.
Ugh, sorry I pasted and mailed the wrong link...
The example posted by Tim Lucia is good.
>>I was hoping for something a little simpler to implement into my app for
>>just logging a user timing out
Just look at the code and use it as a base and modify what you need.
-----Original Message-----
From: Joey Geiger [mailto:joey@staff.onmilwaukee.com]
Sent: Thursday, February 09, 2006 8:48 AM
To: 'Tomcat Users List'
Subject: RE: Logging session timeouts
Session Listeners
http://pdf.coreservlets.com/CSAJSP-Chapter9.pdf
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 8:38 AM
To: Tomcat Users List
Subject: Logging session timeouts
Is there any way of trapping session timeouts, so I can log them? I am
logging when a user logs in and when they explicitly log out, but would
like to log when their session times out, if that is possible.
TIA!
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Joey Geiger <jo...@staff.onmilwaukee.com>.
Session Listeners
http://pdf.coreservlets.com/CSAJSP-Chapter9.pdf
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 8:38 AM
To: Tomcat Users List
Subject: Logging session timeouts
Is there any way of trapping session timeouts, so I can log them? I am
logging when a user logs in and when they explicitly log out, but would
like to log when their session times out, if that is possible.
TIA!
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Logging session timeouts
Posted by David Kerber <dc...@verizon.net>.
I was hoping for something a little simpler to implement into my app for
just logging a user timing out (something like a HttpSession.timeOut
event), but I will definitely have a use for the high water mark
functionality in the not-too-distant future.
Thanks!
Tim Lucia wrote:
>Below is a filter which keeps track of how many sessions are attached to a
>web app. The key part is the HttpSessionBindingListener interface.
>
>Tim
>
>
>/**
> * J2EE "Filter" to count page hits. What it counts depends on the
>url-mapping
> * in web.xml.
> *
> * @author tim.lucia
> */
>public class SessionCountFilter
> implements Filter, HttpSessionBindingListener, Serializable
>{
> private final static Log logger =
>LogFactory.getLog(SessionCountFilter.class);
>
> public static final Hashtable sessions = new Hashtable();
> public static int sessionCountHighWater = 0;
>
> /**
> * Container startup notification
> */
> public void init(FilterConfig arg0) throws ServletException
> {
> logger.debug("init(): " + arg0);
> }
>
> /**
> * Container shutdown notification
> */
> public void destroy()
> {
> logger.debug("destroy()");
> }
>
> /**
> * Process the container's filter request.
> * @param request - Request object
> * @param response - response object
> * @param chain - next filter in the chain.
> */
> public void doFilter(ServletRequest request, ServletResponse response,
> FilterChain chain)
> throws IOException, ServletException
> {
> chain.doFilter(request, response);
>
> HttpServletRequest httpRequest = (HttpServletRequest)request;
> HttpSession session = httpRequest.getSession(false);
> if (logger.isDebugEnabled()) {
> logger.debug("Request " + httpRequest.getRequestURI() +
> (session == null ? " returned no session" :
> " belongs to session ID " + session.getId()));
> }
>
> // Bind to the session, if there is one, and it is new:
> if (null != session && session.isNew()) {
> session.setAttribute(toString(), this);
> }
> }
>
> /**
> * Implement HttpSessionBindingListener#valueBound
> */
> public void valueBound(HttpSessionBindingEvent bindEvent)
> {
> HttpSession session = bindEvent.getSession();
> final String sessionID = session.getId();
> sessions.put(session, sessionID);
> if (logger.isDebugEnabled()) {
> logger.debug("[" + sessions.size() + "] CREATE: " + sessionID);
> }
> sessionCountHighWater =
> (sessionCountHighWater < sessions.size() ? sessions.size() :
>sessionCountHighWater);
> }
>
> /**
> * Implement HttpSessionBindingListener#valueUnbound
> */
> public void valueUnbound(HttpSessionBindingEvent bindEvent)
> {
> HttpSession session = bindEvent.getSession();
> final String sessionID = (String)sessions.get(session);
> sessions.remove(session);
> if (logger.isDebugEnabled()) {
> logger.debug("[" + sessions.size() + "] DESTROY: " + sessionID);
> }
> }
>
> /**
> * Return current count of sessions
> * @return The number of sessions currently tracked
> */
> public static int getSessionCount()
> {
> return sessions.size();
> }
>
> /**
> * Return high water mark of number of sessions
> * @return The high water mark of sessions tracked
> */
> public static int getSessionCountHighWater()
> {
> return sessionCountHighWater;
> }
>
> /**
> * Return string representation of this object
> * @return a String representation of this object
> */
> public String toString()
> {
> return getClass().getName() + "#" + hashCode();
> }
>}
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 9:38 AM
>To: Tomcat Users List
>Subject: Logging session timeouts
>
>Is there any way of trapping session timeouts, so I can log them? I am
>logging when a user logs in and when they explicitly log out, but would like
>to log when their session times out, if that is possible.
>
>TIA!
>Dave
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Logging session timeouts
Posted by David Kerber <dc...@verizon.net>.
Cool; I'll give that one a try as well. Do you have any idea which one
is likely to give less of a performance hit in an environment of 50 to
100 simultaneous users, where everything is done in a session, and there
is no static content?
Dave
Joey Geiger wrote:
>Here is the code I use, instead of a filter, I use a listener so I don't
>have to worry about setting urls.
>
>This part is in web.xml
>
><listener>
> <listener-class>yourpackage.SessionListener</listener-class>
></listener>
>
>
>The majority of this code was found online (and I think came from
>coreservlets.com)
>
>package yourpackage;
>
>import java.util.Date;
>import java.util.Enumeration;
>
>import javax.servlet.ServletContextEvent;
>import javax.servlet.ServletContextListener;
>import javax.servlet.http.HttpSession;
>import javax.servlet.http.HttpSessionEvent;
>import javax.servlet.http.HttpSessionListener;
>
>import org.apache.commons.logging.Log;
>import org.apache.commons.logging.LogFactory;
>
>
>public class SessionListener implements ServletContextListener,
>HttpSessionListener{
>
> private static int sessionCount=0;
> protected transient final Log logger =
>LogFactory.getLog(this.getClass());
>
> public void contextInitialized(ServletContextEvent sce)
> {
> sce.getServletContext().setAttribute("sessionListener",this);
> }
>
> public void contextDestroyed(ServletContextEvent sce)
> {
> }
>
> public synchronized void sessionCreated(HttpSessionEvent event){
> HttpSession session = event.getSession();
>// session.setMaxInactiveInterval(60);
> synchronized (this) {
> sessionCount++;
> }
> String id = session.getId();
> Date now = new Date();
> String message = new StringBuffer("New Session created on
>").append(
> now.toString()).append("\nID:
>").append(id).append("\n")
> .append("There are now ").append("" +
>sessionCount).append(
> " live sessions in the
>application.").toString();
>
> this.logger.debug("Created:" + message);
> session.setAttribute("sessionstarted",new Date());
> }
>
> public void sessionDestroyed(HttpSessionEvent event) {
> HttpSession session = event.getSession();
> String id = session.getId();
>
> synchronized (this) {
> sessionCount--;
> }
>
> String message = new StringBuffer("Session destroyed"
> + "\nValue of destroyed session ID is
>").append("" + id)
> .append("\n").append("There are now ")
> .append("" + sessionCount).append(
> " live sessions in the
>application.").toString();
> this.logger.debug("Destroyed: " + message);
>
> Date d = (Date)session.getAttribute("sessionstarted");
> this.logger.debug("Session Length:
>"+millisecondsToString(System.currentTimeMillis() - d.getTime()));
>
>
> Enumeration stuff = session.getAttributeNames();
> while (stuff.hasMoreElements()) {
> String name = (String) stuff.nextElement();
>// Object value = session.getAttribute(name);
> this.logger.debug("Attribute Name:"+name);
> }
>
> }
>
> public int getSessionCount() { return sessionCount; }
>
>
> /**
> * Converts time in milliseconds to a <code>String</code> in the
>format Days HH:mm:ss.SSS.
> * @param time the time in milliseconds.
> * @return a <code>String</code> representing the time in the format
>Days HH:mm:ss.SSS.
> */
> public static String millisecondsToString(long time)
> {
> int milliseconds = (int)(time % 1000);
> int seconds = (int)((time/1000) % 60);
> int minutes = (int)((time/60000) % 60);
> int hours = (int)((time/3600000) % 24);
> int days = (int)((time/3600000)/24);
>// hours += days*24;
> String millisecondsStr = (milliseconds<10 ? "00" :
>(milliseconds<100 ? "0" : ""))+milliseconds;
> String secondsStr = (seconds<10 ? "0" : "")+seconds;
> String minutesStr = (minutes<10 ? "0" : "")+minutes;
> String hoursStr = (hours<10 ? "0" : "")+hours;
> return new String(days+" Days
>"+hoursStr+":"+minutesStr+":"+secondsStr+"."+millisecondsStr);
> }
>
>}
>
>
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 9:56 AM
>To: Tomcat Users List
>Subject: Re: Logging session timeouts
>
>I got your code in, and it compiles, but I don't understand how I
>configure the url-mapping you refer to. Could you point me to some docs
>for that? I looked through the web.xml files (both the server one, and
>the one for the app), but couldn't find anything about url-mapping or
>filters that seemed to apply to this. It may be there, but I don't know
>enough about it to recognize it.
>
>Thanks!
>Dave
>
>
>Tim Lucia wrote:
>
>
>
>>Below is a filter which keeps track of how many sessions are attached to a
>>web app. The key part is the HttpSessionBindingListener interface.
>>
>>Tim
>>
>>
>>/**
>>* J2EE "Filter" to count page hits. What it counts depends on the
>>url-mapping
>>* in web.xml.
>>*
>>* @author tim.lucia
>>*/
>>public class SessionCountFilter
>> implements Filter, HttpSessionBindingListener, Serializable
>>{
>> private final static Log logger =
>>LogFactory.getLog(SessionCountFilter.class);
>>
>> public static final Hashtable sessions = new Hashtable();
>> public static int sessionCountHighWater = 0;
>>
>> /**
>> * Container startup notification
>> */
>> public void init(FilterConfig arg0) throws ServletException
>> {
>> logger.debug("init(): " + arg0);
>> }
>>
>> /**
>> * Container shutdown notification
>> */
>> public void destroy()
>> {
>> logger.debug("destroy()");
>> }
>>
>> /**
>> * Process the container's filter request.
>> * @param request - Request object
>> * @param response - response object
>> * @param chain - next filter in the chain.
>> */
>> public void doFilter(ServletRequest request, ServletResponse response,
>> FilterChain chain)
>> throws IOException, ServletException
>> {
>> chain.doFilter(request, response);
>>
>> HttpServletRequest httpRequest = (HttpServletRequest)request;
>> HttpSession session = httpRequest.getSession(false);
>> if (logger.isDebugEnabled()) {
>> logger.debug("Request " + httpRequest.getRequestURI() +
>> (session == null ? " returned no session" :
>> " belongs to session ID " + session.getId()));
>> }
>>
>> // Bind to the session, if there is one, and it is new:
>> if (null != session && session.isNew()) {
>> session.setAttribute(toString(), this);
>> }
>> }
>>
>> /**
>> * Implement HttpSessionBindingListener#valueBound
>> */
>> public void valueBound(HttpSessionBindingEvent bindEvent)
>> {
>> HttpSession session = bindEvent.getSession();
>> final String sessionID = session.getId();
>> sessions.put(session, sessionID);
>> if (logger.isDebugEnabled()) {
>> logger.debug("[" + sessions.size() + "] CREATE: " +
>>
>>
>sessionID);
>
>
>> }
>> sessionCountHighWater =
>> (sessionCountHighWater < sessions.size() ? sessions.size() :
>>sessionCountHighWater);
>> }
>>
>> /**
>> * Implement HttpSessionBindingListener#valueUnbound
>> */
>> public void valueUnbound(HttpSessionBindingEvent bindEvent)
>> {
>> HttpSession session = bindEvent.getSession();
>> final String sessionID = (String)sessions.get(session);
>> sessions.remove(session);
>> if (logger.isDebugEnabled()) {
>> logger.debug("[" + sessions.size() + "] DESTROY: " +
>>
>>
>sessionID);
>
>
>> }
>> }
>>
>> /**
>> * Return current count of sessions
>> * @return The number of sessions currently tracked
>> */
>> public static int getSessionCount()
>> {
>> return sessions.size();
>> }
>>
>> /**
>> * Return high water mark of number of sessions
>> * @return The high water mark of sessions tracked
>> */
>> public static int getSessionCountHighWater()
>> {
>> return sessionCountHighWater;
>> }
>>
>> /**
>> * Return string representation of this object
>> * @return a String representation of this object
>> */
>> public String toString()
>> {
>> return getClass().getName() + "#" + hashCode();
>> }
>>}
>>
>>-----Original Message-----
>>From: David Kerber [mailto:dckerber@verizon.net]
>>Sent: Thursday, February 09, 2006 9:38 AM
>>To: Tomcat Users List
>>Subject: Logging session timeouts
>>
>>Is there any way of trapping session timeouts, so I can log them? I am
>>logging when a user logs in and when they explicitly log out, but would
>>
>>
>like
>
>
>>to log when their session times out, if that is possible.
>>
>>TIA!
>>Dave
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>>
>>
>>
>>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Joey Geiger <jo...@staff.onmilwaukee.com>.
Here is the code I use, instead of a filter, I use a listener so I don't
have to worry about setting urls.
This part is in web.xml
<listener>
<listener-class>yourpackage.SessionListener</listener-class>
</listener>
The majority of this code was found online (and I think came from
coreservlets.com)
package yourpackage;
import java.util.Date;
import java.util.Enumeration;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
public class SessionListener implements ServletContextListener,
HttpSessionListener{
private static int sessionCount=0;
protected transient final Log logger =
LogFactory.getLog(this.getClass());
public void contextInitialized(ServletContextEvent sce)
{
sce.getServletContext().setAttribute("sessionListener",this);
}
public void contextDestroyed(ServletContextEvent sce)
{
}
public synchronized void sessionCreated(HttpSessionEvent event){
HttpSession session = event.getSession();
// session.setMaxInactiveInterval(60);
synchronized (this) {
sessionCount++;
}
String id = session.getId();
Date now = new Date();
String message = new StringBuffer("New Session created on
").append(
now.toString()).append("\nID:
").append(id).append("\n")
.append("There are now ").append("" +
sessionCount).append(
" live sessions in the
application.").toString();
this.logger.debug("Created:" + message);
session.setAttribute("sessionstarted",new Date());
}
public void sessionDestroyed(HttpSessionEvent event) {
HttpSession session = event.getSession();
String id = session.getId();
synchronized (this) {
sessionCount--;
}
String message = new StringBuffer("Session destroyed"
+ "\nValue of destroyed session ID is
").append("" + id)
.append("\n").append("There are now ")
.append("" + sessionCount).append(
" live sessions in the
application.").toString();
this.logger.debug("Destroyed: " + message);
Date d = (Date)session.getAttribute("sessionstarted");
this.logger.debug("Session Length:
"+millisecondsToString(System.currentTimeMillis() - d.getTime()));
Enumeration stuff = session.getAttributeNames();
while (stuff.hasMoreElements()) {
String name = (String) stuff.nextElement();
// Object value = session.getAttribute(name);
this.logger.debug("Attribute Name:"+name);
}
}
public int getSessionCount() { return sessionCount; }
/**
* Converts time in milliseconds to a <code>String</code> in the
format Days HH:mm:ss.SSS.
* @param time the time in milliseconds.
* @return a <code>String</code> representing the time in the format
Days HH:mm:ss.SSS.
*/
public static String millisecondsToString(long time)
{
int milliseconds = (int)(time % 1000);
int seconds = (int)((time/1000) % 60);
int minutes = (int)((time/60000) % 60);
int hours = (int)((time/3600000) % 24);
int days = (int)((time/3600000)/24);
// hours += days*24;
String millisecondsStr = (milliseconds<10 ? "00" :
(milliseconds<100 ? "0" : ""))+milliseconds;
String secondsStr = (seconds<10 ? "0" : "")+seconds;
String minutesStr = (minutes<10 ? "0" : "")+minutes;
String hoursStr = (hours<10 ? "0" : "")+hours;
return new String(days+" Days
"+hoursStr+":"+minutesStr+":"+secondsStr+"."+millisecondsStr);
}
}
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 9:56 AM
To: Tomcat Users List
Subject: Re: Logging session timeouts
I got your code in, and it compiles, but I don't understand how I
configure the url-mapping you refer to. Could you point me to some docs
for that? I looked through the web.xml files (both the server one, and
the one for the app), but couldn't find anything about url-mapping or
filters that seemed to apply to this. It may be there, but I don't know
enough about it to recognize it.
Thanks!
Dave
Tim Lucia wrote:
>Below is a filter which keeps track of how many sessions are attached to a
>web app. The key part is the HttpSessionBindingListener interface.
>
>Tim
>
>
>/**
> * J2EE "Filter" to count page hits. What it counts depends on the
>url-mapping
> * in web.xml.
> *
> * @author tim.lucia
> */
>public class SessionCountFilter
> implements Filter, HttpSessionBindingListener, Serializable
>{
> private final static Log logger =
>LogFactory.getLog(SessionCountFilter.class);
>
> public static final Hashtable sessions = new Hashtable();
> public static int sessionCountHighWater = 0;
>
> /**
> * Container startup notification
> */
> public void init(FilterConfig arg0) throws ServletException
> {
> logger.debug("init(): " + arg0);
> }
>
> /**
> * Container shutdown notification
> */
> public void destroy()
> {
> logger.debug("destroy()");
> }
>
> /**
> * Process the container's filter request.
> * @param request - Request object
> * @param response - response object
> * @param chain - next filter in the chain.
> */
> public void doFilter(ServletRequest request, ServletResponse response,
> FilterChain chain)
> throws IOException, ServletException
> {
> chain.doFilter(request, response);
>
> HttpServletRequest httpRequest = (HttpServletRequest)request;
> HttpSession session = httpRequest.getSession(false);
> if (logger.isDebugEnabled()) {
> logger.debug("Request " + httpRequest.getRequestURI() +
> (session == null ? " returned no session" :
> " belongs to session ID " + session.getId()));
> }
>
> // Bind to the session, if there is one, and it is new:
> if (null != session && session.isNew()) {
> session.setAttribute(toString(), this);
> }
> }
>
> /**
> * Implement HttpSessionBindingListener#valueBound
> */
> public void valueBound(HttpSessionBindingEvent bindEvent)
> {
> HttpSession session = bindEvent.getSession();
> final String sessionID = session.getId();
> sessions.put(session, sessionID);
> if (logger.isDebugEnabled()) {
> logger.debug("[" + sessions.size() + "] CREATE: " +
sessionID);
> }
> sessionCountHighWater =
> (sessionCountHighWater < sessions.size() ? sessions.size() :
>sessionCountHighWater);
> }
>
> /**
> * Implement HttpSessionBindingListener#valueUnbound
> */
> public void valueUnbound(HttpSessionBindingEvent bindEvent)
> {
> HttpSession session = bindEvent.getSession();
> final String sessionID = (String)sessions.get(session);
> sessions.remove(session);
> if (logger.isDebugEnabled()) {
> logger.debug("[" + sessions.size() + "] DESTROY: " +
sessionID);
> }
> }
>
> /**
> * Return current count of sessions
> * @return The number of sessions currently tracked
> */
> public static int getSessionCount()
> {
> return sessions.size();
> }
>
> /**
> * Return high water mark of number of sessions
> * @return The high water mark of sessions tracked
> */
> public static int getSessionCountHighWater()
> {
> return sessionCountHighWater;
> }
>
> /**
> * Return string representation of this object
> * @return a String representation of this object
> */
> public String toString()
> {
> return getClass().getName() + "#" + hashCode();
> }
>}
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 9:38 AM
>To: Tomcat Users List
>Subject: Logging session timeouts
>
>Is there any way of trapping session timeouts, so I can log them? I am
>logging when a user logs in and when they explicitly log out, but would
like
>to log when their session times out, if that is possible.
>
>TIA!
>Dave
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Tim Lucia <ti...@yahoo.com>.
I don't believe so. Someone please correct me if I am wrong.
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 12:09 PM
To: Tomcat Users List
Subject: Re: Logging session timeouts
That got me going; thanks!
One more question:
Is there any way of telling if the session was actively invalidated, or if
it timed out? Looking at the docs for HttpSessionBindingEvent, I don't see
any differentiation between them. That's not a big deal, but would be nice
to have.
Dave
Tim Lucia wrote:
>Add the following fragment to your web.xml:
>
> <!-- Session Counting Filter
-->
> <!-- Every request passing through this filter will be checked for a
-->
> <!-- newly-created session, which will be then counted against the
-->
> <!-- total sessions using this application.
-->
> <filter>
> <filter-name>SessionCountFilter</filter-name>
> <filter-class>SessionCountFilter</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>SessionCountFilter</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 10:56 AM
>To: Tomcat Users List
>Subject: Re: Logging session timeouts
>
>I got your code in, and it compiles, but I don't understand how I
>configure the url-mapping you refer to. Could you point me to some
>docs for that? I looked through the web.xml files (both the server
>one, and the one for the app), but couldn't find anything about
>url-mapping or filters that seemed to apply to this. It may be there,
>but I don't know enough about it to recognize it.
>
>Thanks!
>Dave
>
>
>Tim Lucia wrote:
>
>
>
>>Below is a filter which keeps track of how many sessions are attached
>>to a web app. The key part is the HttpSessionBindingListener interface.
>>
>>Tim
>>
>>
>>/**
>>* J2EE "Filter" to count page hits. What it counts depends on the
>>url-mapping
>>* in web.xml.
>>*
>>* @author tim.lucia
>>*/
>>public class SessionCountFilter
>> implements Filter, HttpSessionBindingListener, Serializable {
>> private final static Log logger =
>>LogFactory.getLog(SessionCountFilter.class);
>>
>> public static final Hashtable sessions = new Hashtable();
>> public static int sessionCountHighWater = 0;
>>
>> /**
>> * Container startup notification
>> */
>> public void init(FilterConfig arg0) throws ServletException
>> {
>> logger.debug("init(): " + arg0);
>> }
>>
>> /**
>> * Container shutdown notification
>> */
>> public void destroy()
>> {
>> logger.debug("destroy()");
>> }
>>
>> /**
>> * Process the container's filter request.
>> * @param request - Request object
>> * @param response - response object
>> * @param chain - next filter in the chain.
>> */
>> public void doFilter(ServletRequest request, ServletResponse response,
>> FilterChain chain)
>> throws IOException, ServletException
>> {
>> chain.doFilter(request, response);
>>
>> HttpServletRequest httpRequest = (HttpServletRequest)request;
>> HttpSession session = httpRequest.getSession(false);
>> if (logger.isDebugEnabled()) {
>> logger.debug("Request " + httpRequest.getRequestURI() +
>> (session == null ? " returned no session" :
>> " belongs to session ID " + session.getId()));
>> }
>>
>> // Bind to the session, if there is one, and it is new:
>> if (null != session && session.isNew()) {
>> session.setAttribute(toString(), this);
>> }
>> }
>>
>> /**
>> * Implement HttpSessionBindingListener#valueBound
>> */
>> public void valueBound(HttpSessionBindingEvent bindEvent)
>> {
>> HttpSession session = bindEvent.getSession();
>> final String sessionID = session.getId();
>> sessions.put(session, sessionID);
>> if (logger.isDebugEnabled()) {
>> logger.debug("[" + sessions.size() + "] CREATE: " +
>>
>>
>sessionID);
>
>
>> }
>> sessionCountHighWater =
>> (sessionCountHighWater < sessions.size() ? sessions.size() :
>>sessionCountHighWater);
>> }
>>
>> /**
>> * Implement HttpSessionBindingListener#valueUnbound
>> */
>> public void valueUnbound(HttpSessionBindingEvent bindEvent)
>> {
>> HttpSession session = bindEvent.getSession();
>> final String sessionID = (String)sessions.get(session);
>> sessions.remove(session);
>> if (logger.isDebugEnabled()) {
>> logger.debug("[" + sessions.size() + "] DESTROY: " +
>>
>>
>sessionID);
>
>
>> }
>> }
>>
>> /**
>> * Return current count of sessions
>> * @return The number of sessions currently tracked
>> */
>> public static int getSessionCount()
>> {
>> return sessions.size();
>> }
>>
>> /**
>> * Return high water mark of number of sessions
>> * @return The high water mark of sessions tracked
>> */
>> public static int getSessionCountHighWater()
>> {
>> return sessionCountHighWater;
>> }
>>
>> /**
>> * Return string representation of this object
>> * @return a String representation of this object
>> */
>> public String toString()
>> {
>> return getClass().getName() + "#" + hashCode();
>> }
>>}
>>
>>-----Original Message-----
>>From: David Kerber [mailto:dckerber@verizon.net]
>>Sent: Thursday, February 09, 2006 9:38 AM
>>To: Tomcat Users List
>>Subject: Logging session timeouts
>>
>>Is there any way of trapping session timeouts, so I can log them? I
>>am logging when a user logs in and when they explicitly log out, but
>>would like to log when their session times out, if that is possible.
>>
>>TIA!
>>Dave
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>>
>>
>>
>>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Logging session timeouts
Posted by David Kerber <dc...@verizon.net>.
Joey Geiger wrote:
>While the user can delete the cookie that is associated with the session,
>the server will consider the session valid until it times out, as the user
>is unable to end the session manually. If you add in a link/button that says
>"Remove my session from server" and then have the application invalidate the
>session, the listener would still log it the same as if the server did it
>automatically, but you also now have control over logging that.
>
>
That's essentially what I have: a "log out" link, whch logs it and
calls session.invaildate(), but I know not all my users use it.
>I might be wrong (a famous saying) but I don't know how effective the Filter
>version of the system will be, as it needs to be invoked via a request in
>order to process/expire the session. The listener is able to log sessions as
>they end, and not require a user to hit the filter first. (If a user goes
>inactive, the session will expire, and the listener will catch it and log
>it)
>
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 11:09 AM
>To: Tomcat Users List
>Subject: Re: Logging session timeouts
>
>That got me going; thanks!
>
>One more question:
>Is there any way of telling if the session was actively invalidated, or
>if it timed out? Looking at the docs for HttpSessionBindingEvent, I
>don't see any differentiation between them. That's not a big deal, but
>would be nice to have.
>
>Dave
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Logging session timeouts
Posted by David Kerber <dc...@verizon.net>.
Thanks! It seems to be unanimous then, that for the purposes I need,
the listener is the way to go. That was my gut feel as well, but I
don't know enough of the internals of session handling to know why it
would be that way.
GB Developer wrote:
>Well let's just think about that for a second.
>
>Filter:
>a filter is called each and every time you make a web request. So even if
>the filter is highly efficient, if you make 1000 requests in a session, you
>(that is, the container) will invoke the filter's doFilter method 1000
>times.
>
>Listener:
>A session is created exactly once and destroyed exactly once.
>
>
>
>
>
>>-----Original Message-----
>>From: David Kerber [mailto:dckerber@verizon.net]
>>Sent: Thursday, February 09, 2006 12:16 PM
>>To: Tomcat Users List
>>Subject: Re: Logging session timeouts
>>
>>
>>I still have a question about performance: any idea which of these
>>methods (filter or listener) will use less cpu time when
>>handling 50 to
>>100 simultaneous users, each logged in with their own ID and session?
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by GB Developer <gb...@globallyboundless.com>.
Well let's just think about that for a second.
Filter:
a filter is called each and every time you make a web request. So even if
the filter is highly efficient, if you make 1000 requests in a session, you
(that is, the container) will invoke the filter's doFilter method 1000
times.
Listener:
A session is created exactly once and destroyed exactly once.
> -----Original Message-----
> From: David Kerber [mailto:dckerber@verizon.net]
> Sent: Thursday, February 09, 2006 12:16 PM
> To: Tomcat Users List
> Subject: Re: Logging session timeouts
>
>
> I still have a question about performance: any idea which of these
> methods (filter or listener) will use less cpu time when
> handling 50 to
> 100 simultaneous users, each logged in with their own ID and session?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Tim Lucia <ti...@yahoo.com>.
The listener should get called only once, right? Whereas the filter will
get called for every matching URL (keeping in mind it does additional useful
things in my case...) and if checks to see if the session is new each and
every time.
I seem to recall an issue recently (can't find it in a quick scan of the
archives) about sessionDestroyed(SessionEvent) being called after the
session is invalidated. I think the valueUnbound() method gets called
during the destruction process and the session is still valid at this point.
DON'T QUOTE ME ON THIS! I wrote the filter a while ago, and have just
brought it along as needed... If someone knows for sure... Please let me
(us) know.
Tim
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 1:16 PM
To: Tomcat Users List
Subject: Re: Logging session timeouts
Thanks to both of you, Tim and Joey! I've tested them both, and either one
of these methods seems to work great for my limited needs.
I still have a question about performance: any idea which of these methods
(filter or listener) will use less cpu time when handling 50 to 100
simultaneous users, each logged in with their own ID and session?
Dave
Tim Lucia wrote:
>The filter, implementing HttpSessionListener, and binding itself to the
>session, will be called by Tomcat when the session is invalidated (all
>bound values which implement HttpSessionListener will have their
>valueUnbound method called.)
>
>So, the filter is effective in that it won't miss any session unbind
>events as long as the filter captures the creation request as well. If
>you create the session but the request which does so has not passed
>through the filter, then it will not know when the session goes away.
>
>So in the listener case, you are guaranteed a call from the server any
>time any session is created. That might be a better approach,
>depending on your need(s). In my case, the filter does a whole lot
>more, but I stripped it down before posting it to only show the relevant
section.
>
>Tim
>
>-----Original Message-----
>From: Joey Geiger [mailto:joey@staff.onmilwaukee.com]
>Sent: Thursday, February 09, 2006 12:27 PM
>To: 'Tomcat Users List'
>Subject: RE: Logging session timeouts
>
>While the user can delete the cookie that is associated with the
>session, the server will consider the session valid until it times out,
>as the user is unable to end the session manually. If you add in a
>link/button that says "Remove my session from server" and then have the
>application invalidate the session, the listener would still log it the
>same as if the server did it automatically, but you also now have control
over logging that.
>
>I might be wrong (a famous saying) but I don't know how effective the
>Filter version of the system will be, as it needs to be invoked via a
>request in order to process/expire the session. The listener is able to
>log sessions as they end, and not require a user to hit the filter
>first. (If a user goes inactive, the session will expire, and the
>listener will catch it and log
>it)
>
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 11:09 AM
>To: Tomcat Users List
>Subject: Re: Logging session timeouts
>
>That got me going; thanks!
>
>One more question:
>Is there any way of telling if the session was actively invalidated, or
>if it timed out? Looking at the docs for HttpSessionBindingEvent, I
>don't see any differentiation between them. That's not a big deal, but
>would be nice to have.
>
>Dave
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Logging session timeouts
Posted by David Kerber <dc...@verizon.net>.
Thanks to both of you, Tim and Joey! I've tested them both, and either
one of these methods seems to work great for my limited needs.
I still have a question about performance: any idea which of these
methods (filter or listener) will use less cpu time when handling 50 to
100 simultaneous users, each logged in with their own ID and session?
Dave
Tim Lucia wrote:
>The filter, implementing HttpSessionListener, and binding itself to the
>session, will be called by Tomcat when the session is invalidated (all bound
>values which implement HttpSessionListener will have their valueUnbound
>method called.)
>
>So, the filter is effective in that it won't miss any session unbind events
>as long as the filter captures the creation request as well. If you create
>the session but the request which does so has not passed through the filter,
>then it will not know when the session goes away.
>
>So in the listener case, you are guaranteed a call from the server any time
>any session is created. That might be a better approach, depending on your
>need(s). In my case, the filter does a whole lot more, but I stripped it
>down before posting it to only show the relevant section.
>
>Tim
>
>-----Original Message-----
>From: Joey Geiger [mailto:joey@staff.onmilwaukee.com]
>Sent: Thursday, February 09, 2006 12:27 PM
>To: 'Tomcat Users List'
>Subject: RE: Logging session timeouts
>
>While the user can delete the cookie that is associated with the session,
>the server will consider the session valid until it times out, as the user
>is unable to end the session manually. If you add in a link/button that says
>"Remove my session from server" and then have the application invalidate the
>session, the listener would still log it the same as if the server did it
>automatically, but you also now have control over logging that.
>
>I might be wrong (a famous saying) but I don't know how effective the Filter
>version of the system will be, as it needs to be invoked via a request in
>order to process/expire the session. The listener is able to log sessions as
>they end, and not require a user to hit the filter first. (If a user goes
>inactive, the session will expire, and the listener will catch it and log
>it)
>
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 11:09 AM
>To: Tomcat Users List
>Subject: Re: Logging session timeouts
>
>That got me going; thanks!
>
>One more question:
>Is there any way of telling if the session was actively invalidated, or if
>it timed out? Looking at the docs for HttpSessionBindingEvent, I don't see
>any differentiation between them. That's not a big deal, but would be nice
>to have.
>
>Dave
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Joey Geiger <jo...@staff.onmilwaukee.com>.
Thank you for the clarification.
-----Original Message-----
From: Tim Lucia [mailto:timlucia@yahoo.com]
Sent: Thursday, February 09, 2006 11:38 AM
To: 'Tomcat Users List'
Subject: RE: Logging session timeouts
The filter, implementing HttpSessionListener, and binding itself to the
session, will be called by Tomcat when the session is invalidated (all bound
values which implement HttpSessionListener will have their valueUnbound
method called.)
So, the filter is effective in that it won't miss any session unbind events
as long as the filter captures the creation request as well. If you create
the session but the request which does so has not passed through the filter,
then it will not know when the session goes away.
So in the listener case, you are guaranteed a call from the server any time
any session is created. That might be a better approach, depending on your
need(s). In my case, the filter does a whole lot more, but I stripped it
down before posting it to only show the relevant section.
Tim
-----Original Message-----
From: Joey Geiger [mailto:joey@staff.onmilwaukee.com]
Sent: Thursday, February 09, 2006 12:27 PM
To: 'Tomcat Users List'
Subject: RE: Logging session timeouts
While the user can delete the cookie that is associated with the session,
the server will consider the session valid until it times out, as the user
is unable to end the session manually. If you add in a link/button that says
"Remove my session from server" and then have the application invalidate the
session, the listener would still log it the same as if the server did it
automatically, but you also now have control over logging that.
I might be wrong (a famous saying) but I don't know how effective the Filter
version of the system will be, as it needs to be invoked via a request in
order to process/expire the session. The listener is able to log sessions as
they end, and not require a user to hit the filter first. (If a user goes
inactive, the session will expire, and the listener will catch it and log
it)
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 11:09 AM
To: Tomcat Users List
Subject: Re: Logging session timeouts
That got me going; thanks!
One more question:
Is there any way of telling if the session was actively invalidated, or if
it timed out? Looking at the docs for HttpSessionBindingEvent, I don't see
any differentiation between them. That's not a big deal, but would be nice
to have.
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Tim Lucia <ti...@yahoo.com>.
The filter, implementing HttpSessionListener, and binding itself to the
session, will be called by Tomcat when the session is invalidated (all bound
values which implement HttpSessionListener will have their valueUnbound
method called.)
So, the filter is effective in that it won't miss any session unbind events
as long as the filter captures the creation request as well. If you create
the session but the request which does so has not passed through the filter,
then it will not know when the session goes away.
So in the listener case, you are guaranteed a call from the server any time
any session is created. That might be a better approach, depending on your
need(s). In my case, the filter does a whole lot more, but I stripped it
down before posting it to only show the relevant section.
Tim
-----Original Message-----
From: Joey Geiger [mailto:joey@staff.onmilwaukee.com]
Sent: Thursday, February 09, 2006 12:27 PM
To: 'Tomcat Users List'
Subject: RE: Logging session timeouts
While the user can delete the cookie that is associated with the session,
the server will consider the session valid until it times out, as the user
is unable to end the session manually. If you add in a link/button that says
"Remove my session from server" and then have the application invalidate the
session, the listener would still log it the same as if the server did it
automatically, but you also now have control over logging that.
I might be wrong (a famous saying) but I don't know how effective the Filter
version of the system will be, as it needs to be invoked via a request in
order to process/expire the session. The listener is able to log sessions as
they end, and not require a user to hit the filter first. (If a user goes
inactive, the session will expire, and the listener will catch it and log
it)
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 11:09 AM
To: Tomcat Users List
Subject: Re: Logging session timeouts
That got me going; thanks!
One more question:
Is there any way of telling if the session was actively invalidated, or if
it timed out? Looking at the docs for HttpSessionBindingEvent, I don't see
any differentiation between them. That's not a big deal, but would be nice
to have.
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Joey Geiger <jo...@staff.onmilwaukee.com>.
While the user can delete the cookie that is associated with the session,
the server will consider the session valid until it times out, as the user
is unable to end the session manually. If you add in a link/button that says
"Remove my session from server" and then have the application invalidate the
session, the listener would still log it the same as if the server did it
automatically, but you also now have control over logging that.
I might be wrong (a famous saying) but I don't know how effective the Filter
version of the system will be, as it needs to be invoked via a request in
order to process/expire the session. The listener is able to log sessions as
they end, and not require a user to hit the filter first. (If a user goes
inactive, the session will expire, and the listener will catch it and log
it)
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 11:09 AM
To: Tomcat Users List
Subject: Re: Logging session timeouts
That got me going; thanks!
One more question:
Is there any way of telling if the session was actively invalidated, or
if it timed out? Looking at the docs for HttpSessionBindingEvent, I
don't see any differentiation between them. That's not a big deal, but
would be nice to have.
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Logging session timeouts
Posted by David Kerber <dc...@verizon.net>.
That got me going; thanks!
One more question:
Is there any way of telling if the session was actively invalidated, or
if it timed out? Looking at the docs for HttpSessionBindingEvent, I
don't see any differentiation between them. That's not a big deal, but
would be nice to have.
Dave
Tim Lucia wrote:
>Add the following fragment to your web.xml:
>
> <!-- Session Counting Filter -->
> <!-- Every request passing through this filter will be checked for a -->
> <!-- newly-created session, which will be then counted against the -->
> <!-- total sessions using this application. -->
> <filter>
> <filter-name>SessionCountFilter</filter-name>
> <filter-class>SessionCountFilter</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>SessionCountFilter</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 10:56 AM
>To: Tomcat Users List
>Subject: Re: Logging session timeouts
>
>I got your code in, and it compiles, but I don't understand how I configure
>the url-mapping you refer to. Could you point me to some docs for that? I
>looked through the web.xml files (both the server one, and the one for the
>app), but couldn't find anything about url-mapping or filters that seemed to
>apply to this. It may be there, but I don't know enough about it to
>recognize it.
>
>Thanks!
>Dave
>
>
>Tim Lucia wrote:
>
>
>
>>Below is a filter which keeps track of how many sessions are attached
>>to a web app. The key part is the HttpSessionBindingListener interface.
>>
>>Tim
>>
>>
>>/**
>>* J2EE "Filter" to count page hits. What it counts depends on the
>>url-mapping
>>* in web.xml.
>>*
>>* @author tim.lucia
>>*/
>>public class SessionCountFilter
>> implements Filter, HttpSessionBindingListener, Serializable {
>> private final static Log logger =
>>LogFactory.getLog(SessionCountFilter.class);
>>
>> public static final Hashtable sessions = new Hashtable();
>> public static int sessionCountHighWater = 0;
>>
>> /**
>> * Container startup notification
>> */
>> public void init(FilterConfig arg0) throws ServletException
>> {
>> logger.debug("init(): " + arg0);
>> }
>>
>> /**
>> * Container shutdown notification
>> */
>> public void destroy()
>> {
>> logger.debug("destroy()");
>> }
>>
>> /**
>> * Process the container's filter request.
>> * @param request - Request object
>> * @param response - response object
>> * @param chain - next filter in the chain.
>> */
>> public void doFilter(ServletRequest request, ServletResponse response,
>> FilterChain chain)
>> throws IOException, ServletException
>> {
>> chain.doFilter(request, response);
>>
>> HttpServletRequest httpRequest = (HttpServletRequest)request;
>> HttpSession session = httpRequest.getSession(false);
>> if (logger.isDebugEnabled()) {
>> logger.debug("Request " + httpRequest.getRequestURI() +
>> (session == null ? " returned no session" :
>> " belongs to session ID " + session.getId()));
>> }
>>
>> // Bind to the session, if there is one, and it is new:
>> if (null != session && session.isNew()) {
>> session.setAttribute(toString(), this);
>> }
>> }
>>
>> /**
>> * Implement HttpSessionBindingListener#valueBound
>> */
>> public void valueBound(HttpSessionBindingEvent bindEvent)
>> {
>> HttpSession session = bindEvent.getSession();
>> final String sessionID = session.getId();
>> sessions.put(session, sessionID);
>> if (logger.isDebugEnabled()) {
>> logger.debug("[" + sessions.size() + "] CREATE: " +
>>
>>
>sessionID);
>
>
>> }
>> sessionCountHighWater =
>> (sessionCountHighWater < sessions.size() ? sessions.size() :
>>sessionCountHighWater);
>> }
>>
>> /**
>> * Implement HttpSessionBindingListener#valueUnbound
>> */
>> public void valueUnbound(HttpSessionBindingEvent bindEvent)
>> {
>> HttpSession session = bindEvent.getSession();
>> final String sessionID = (String)sessions.get(session);
>> sessions.remove(session);
>> if (logger.isDebugEnabled()) {
>> logger.debug("[" + sessions.size() + "] DESTROY: " +
>>
>>
>sessionID);
>
>
>> }
>> }
>>
>> /**
>> * Return current count of sessions
>> * @return The number of sessions currently tracked
>> */
>> public static int getSessionCount()
>> {
>> return sessions.size();
>> }
>>
>> /**
>> * Return high water mark of number of sessions
>> * @return The high water mark of sessions tracked
>> */
>> public static int getSessionCountHighWater()
>> {
>> return sessionCountHighWater;
>> }
>>
>> /**
>> * Return string representation of this object
>> * @return a String representation of this object
>> */
>> public String toString()
>> {
>> return getClass().getName() + "#" + hashCode();
>> }
>>}
>>
>>-----Original Message-----
>>From: David Kerber [mailto:dckerber@verizon.net]
>>Sent: Thursday, February 09, 2006 9:38 AM
>>To: Tomcat Users List
>>Subject: Logging session timeouts
>>
>>Is there any way of trapping session timeouts, so I can log them? I am
>>logging when a user logs in and when they explicitly log out, but would
>>like to log when their session times out, if that is possible.
>>
>>TIA!
>>Dave
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>>
>>
>>
>>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Tim Lucia <ti...@yahoo.com>.
Add the following fragment to your web.xml:
<!-- Session Counting Filter -->
<!-- Every request passing through this filter will be checked for a -->
<!-- newly-created session, which will be then counted against the -->
<!-- total sessions using this application. -->
<filter>
<filter-name>SessionCountFilter</filter-name>
<filter-class>SessionCountFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SessionCountFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 10:56 AM
To: Tomcat Users List
Subject: Re: Logging session timeouts
I got your code in, and it compiles, but I don't understand how I configure
the url-mapping you refer to. Could you point me to some docs for that? I
looked through the web.xml files (both the server one, and the one for the
app), but couldn't find anything about url-mapping or filters that seemed to
apply to this. It may be there, but I don't know enough about it to
recognize it.
Thanks!
Dave
Tim Lucia wrote:
>Below is a filter which keeps track of how many sessions are attached
>to a web app. The key part is the HttpSessionBindingListener interface.
>
>Tim
>
>
>/**
> * J2EE "Filter" to count page hits. What it counts depends on the
>url-mapping
> * in web.xml.
> *
> * @author tim.lucia
> */
>public class SessionCountFilter
> implements Filter, HttpSessionBindingListener, Serializable {
> private final static Log logger =
>LogFactory.getLog(SessionCountFilter.class);
>
> public static final Hashtable sessions = new Hashtable();
> public static int sessionCountHighWater = 0;
>
> /**
> * Container startup notification
> */
> public void init(FilterConfig arg0) throws ServletException
> {
> logger.debug("init(): " + arg0);
> }
>
> /**
> * Container shutdown notification
> */
> public void destroy()
> {
> logger.debug("destroy()");
> }
>
> /**
> * Process the container's filter request.
> * @param request - Request object
> * @param response - response object
> * @param chain - next filter in the chain.
> */
> public void doFilter(ServletRequest request, ServletResponse response,
> FilterChain chain)
> throws IOException, ServletException
> {
> chain.doFilter(request, response);
>
> HttpServletRequest httpRequest = (HttpServletRequest)request;
> HttpSession session = httpRequest.getSession(false);
> if (logger.isDebugEnabled()) {
> logger.debug("Request " + httpRequest.getRequestURI() +
> (session == null ? " returned no session" :
> " belongs to session ID " + session.getId()));
> }
>
> // Bind to the session, if there is one, and it is new:
> if (null != session && session.isNew()) {
> session.setAttribute(toString(), this);
> }
> }
>
> /**
> * Implement HttpSessionBindingListener#valueBound
> */
> public void valueBound(HttpSessionBindingEvent bindEvent)
> {
> HttpSession session = bindEvent.getSession();
> final String sessionID = session.getId();
> sessions.put(session, sessionID);
> if (logger.isDebugEnabled()) {
> logger.debug("[" + sessions.size() + "] CREATE: " +
sessionID);
> }
> sessionCountHighWater =
> (sessionCountHighWater < sessions.size() ? sessions.size() :
>sessionCountHighWater);
> }
>
> /**
> * Implement HttpSessionBindingListener#valueUnbound
> */
> public void valueUnbound(HttpSessionBindingEvent bindEvent)
> {
> HttpSession session = bindEvent.getSession();
> final String sessionID = (String)sessions.get(session);
> sessions.remove(session);
> if (logger.isDebugEnabled()) {
> logger.debug("[" + sessions.size() + "] DESTROY: " +
sessionID);
> }
> }
>
> /**
> * Return current count of sessions
> * @return The number of sessions currently tracked
> */
> public static int getSessionCount()
> {
> return sessions.size();
> }
>
> /**
> * Return high water mark of number of sessions
> * @return The high water mark of sessions tracked
> */
> public static int getSessionCountHighWater()
> {
> return sessionCountHighWater;
> }
>
> /**
> * Return string representation of this object
> * @return a String representation of this object
> */
> public String toString()
> {
> return getClass().getName() + "#" + hashCode();
> }
>}
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 9:38 AM
>To: Tomcat Users List
>Subject: Logging session timeouts
>
>Is there any way of trapping session timeouts, so I can log them? I am
>logging when a user logs in and when they explicitly log out, but would
>like to log when their session times out, if that is possible.
>
>TIA!
>Dave
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Logging session timeouts
Posted by David Kerber <dc...@verizon.net>.
I got your code in, and it compiles, but I don't understand how I
configure the url-mapping you refer to. Could you point me to some docs
for that? I looked through the web.xml files (both the server one, and
the one for the app), but couldn't find anything about url-mapping or
filters that seemed to apply to this. It may be there, but I don't know
enough about it to recognize it.
Thanks!
Dave
Tim Lucia wrote:
>Below is a filter which keeps track of how many sessions are attached to a
>web app. The key part is the HttpSessionBindingListener interface.
>
>Tim
>
>
>/**
> * J2EE "Filter" to count page hits. What it counts depends on the
>url-mapping
> * in web.xml.
> *
> * @author tim.lucia
> */
>public class SessionCountFilter
> implements Filter, HttpSessionBindingListener, Serializable
>{
> private final static Log logger =
>LogFactory.getLog(SessionCountFilter.class);
>
> public static final Hashtable sessions = new Hashtable();
> public static int sessionCountHighWater = 0;
>
> /**
> * Container startup notification
> */
> public void init(FilterConfig arg0) throws ServletException
> {
> logger.debug("init(): " + arg0);
> }
>
> /**
> * Container shutdown notification
> */
> public void destroy()
> {
> logger.debug("destroy()");
> }
>
> /**
> * Process the container's filter request.
> * @param request - Request object
> * @param response - response object
> * @param chain - next filter in the chain.
> */
> public void doFilter(ServletRequest request, ServletResponse response,
> FilterChain chain)
> throws IOException, ServletException
> {
> chain.doFilter(request, response);
>
> HttpServletRequest httpRequest = (HttpServletRequest)request;
> HttpSession session = httpRequest.getSession(false);
> if (logger.isDebugEnabled()) {
> logger.debug("Request " + httpRequest.getRequestURI() +
> (session == null ? " returned no session" :
> " belongs to session ID " + session.getId()));
> }
>
> // Bind to the session, if there is one, and it is new:
> if (null != session && session.isNew()) {
> session.setAttribute(toString(), this);
> }
> }
>
> /**
> * Implement HttpSessionBindingListener#valueBound
> */
> public void valueBound(HttpSessionBindingEvent bindEvent)
> {
> HttpSession session = bindEvent.getSession();
> final String sessionID = session.getId();
> sessions.put(session, sessionID);
> if (logger.isDebugEnabled()) {
> logger.debug("[" + sessions.size() + "] CREATE: " + sessionID);
> }
> sessionCountHighWater =
> (sessionCountHighWater < sessions.size() ? sessions.size() :
>sessionCountHighWater);
> }
>
> /**
> * Implement HttpSessionBindingListener#valueUnbound
> */
> public void valueUnbound(HttpSessionBindingEvent bindEvent)
> {
> HttpSession session = bindEvent.getSession();
> final String sessionID = (String)sessions.get(session);
> sessions.remove(session);
> if (logger.isDebugEnabled()) {
> logger.debug("[" + sessions.size() + "] DESTROY: " + sessionID);
> }
> }
>
> /**
> * Return current count of sessions
> * @return The number of sessions currently tracked
> */
> public static int getSessionCount()
> {
> return sessions.size();
> }
>
> /**
> * Return high water mark of number of sessions
> * @return The high water mark of sessions tracked
> */
> public static int getSessionCountHighWater()
> {
> return sessionCountHighWater;
> }
>
> /**
> * Return string representation of this object
> * @return a String representation of this object
> */
> public String toString()
> {
> return getClass().getName() + "#" + hashCode();
> }
>}
>
>-----Original Message-----
>From: David Kerber [mailto:dckerber@verizon.net]
>Sent: Thursday, February 09, 2006 9:38 AM
>To: Tomcat Users List
>Subject: Logging session timeouts
>
>Is there any way of trapping session timeouts, so I can log them? I am
>logging when a user logs in and when they explicitly log out, but would like
>to log when their session times out, if that is possible.
>
>TIA!
>Dave
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Logging session timeouts
Posted by Tim Lucia <ti...@yahoo.com>.
Below is a filter which keeps track of how many sessions are attached to a
web app. The key part is the HttpSessionBindingListener interface.
Tim
/**
* J2EE "Filter" to count page hits. What it counts depends on the
url-mapping
* in web.xml.
*
* @author tim.lucia
*/
public class SessionCountFilter
implements Filter, HttpSessionBindingListener, Serializable
{
private final static Log logger =
LogFactory.getLog(SessionCountFilter.class);
public static final Hashtable sessions = new Hashtable();
public static int sessionCountHighWater = 0;
/**
* Container startup notification
*/
public void init(FilterConfig arg0) throws ServletException
{
logger.debug("init(): " + arg0);
}
/**
* Container shutdown notification
*/
public void destroy()
{
logger.debug("destroy()");
}
/**
* Process the container's filter request.
* @param request - Request object
* @param response - response object
* @param chain - next filter in the chain.
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException
{
chain.doFilter(request, response);
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpSession session = httpRequest.getSession(false);
if (logger.isDebugEnabled()) {
logger.debug("Request " + httpRequest.getRequestURI() +
(session == null ? " returned no session" :
" belongs to session ID " + session.getId()));
}
// Bind to the session, if there is one, and it is new:
if (null != session && session.isNew()) {
session.setAttribute(toString(), this);
}
}
/**
* Implement HttpSessionBindingListener#valueBound
*/
public void valueBound(HttpSessionBindingEvent bindEvent)
{
HttpSession session = bindEvent.getSession();
final String sessionID = session.getId();
sessions.put(session, sessionID);
if (logger.isDebugEnabled()) {
logger.debug("[" + sessions.size() + "] CREATE: " + sessionID);
}
sessionCountHighWater =
(sessionCountHighWater < sessions.size() ? sessions.size() :
sessionCountHighWater);
}
/**
* Implement HttpSessionBindingListener#valueUnbound
*/
public void valueUnbound(HttpSessionBindingEvent bindEvent)
{
HttpSession session = bindEvent.getSession();
final String sessionID = (String)sessions.get(session);
sessions.remove(session);
if (logger.isDebugEnabled()) {
logger.debug("[" + sessions.size() + "] DESTROY: " + sessionID);
}
}
/**
* Return current count of sessions
* @return The number of sessions currently tracked
*/
public static int getSessionCount()
{
return sessions.size();
}
/**
* Return high water mark of number of sessions
* @return The high water mark of sessions tracked
*/
public static int getSessionCountHighWater()
{
return sessionCountHighWater;
}
/**
* Return string representation of this object
* @return a String representation of this object
*/
public String toString()
{
return getClass().getName() + "#" + hashCode();
}
}
-----Original Message-----
From: David Kerber [mailto:dckerber@verizon.net]
Sent: Thursday, February 09, 2006 9:38 AM
To: Tomcat Users List
Subject: Logging session timeouts
Is there any way of trapping session timeouts, so I can log them? I am
logging when a user logs in and when they explicitly log out, but would like
to log when their session times out, if that is possible.
TIA!
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org