question about session behavior

[David Boyer <Da...@bvu.edu>]

When I shut down Tomcat, shouldn't HttpSessionListener.sessionDestroyed() be called for each existing session?
 
When users authenticate to my application, I store their username and encrypted password in a database where it's associated with their session. When the session is destroyed, I have a session listener delete the database row associated with that session. However, when I shut down Tomcat I end up with orphaned rows in the database.
 
Is there a way to have HttpSessionListener.sessionDestroyed() called for each session when shutting down Tomcat?
 
TIA!

Re: question about session behavior

["Mr. Cristian Romanescu" <c....@finsiel.ro>]

Hi, David.
There is one detail, Tomcat uses so called (I think) persistent 
sessions. Meaning...
If you close Tomcat, it creates a file 
($CATALINA_HOME/work/Standalone/yourwebapp/SESSIONS.ser) where present 
sessions are serialized.
Also when you restart Tomcat, that file is deleted. So basically when 
you close Tomcat your sessions aren't really destroyed, but saved for 
latter restart.

Hope this help.

Regards,
Cristian.

David Boyer wrote:

>When I shut down Tomcat, shouldn't HttpSessionListener.sessionDestroyed() be called for each existing session?
> 
>When users authenticate to my application, I store their username and encrypted password in a database where it's associated with their session. When the session is destroyed, I have a session listener delete the database row associated with that session. However, when I shut down Tomcat I end up with orphaned rows in the database.
> 
>Is there a way to have HttpSessionListener.sessionDestroyed() called for each session when shutting down Tomcat?
> 
>TIA!
>
>
>  
>



--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>