Invalidating a session in
Thanks for the info, I'm not sure I understand it though...I don't know what clustering means in this context - so I'm pretty sure I'm not doing it My sessions are stored in the application-scope bean and removed when the user logs out or is 'bumped off'.
IOException; public class Invalidate Session Servlet extends Http Servlet I am a programmer, a runner, a recreational diver, currently live in the island of Bali, Indonesia. However, tracking online users isn't something CBS was designed for.If I had such a need in a CBS environment, I'd probably arrange for a service that the session-create event handler could post to and that the session-destruction event (e.g.However capturing browser closure event is not a good idea to invalidate a user session.What can be an alternative solution to invalidate a user session on browser closure ?That's because an interface describes some of the properties of the class that implements it, but not necessarily all of them.
I would like to use CBS because it seems alot simpler, but as far as I can see it won't allow me the level of control I can get with a custom solution.
Whenever a subsequent request is made, check the current time against the previous request time.
If the last activity was more than X minutes ago, consider the session expired and explicitly expire the session cookie by setting an expiration time far back.
Stack Exchange network consists of 175 Q&A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers.
Visit Stack Exchange I have a web application where web session need to expire after stipulated period of time.
The session is still running and if they decide 5 mins later they need to do something else, they will try to log on and be denied as that account is already logged on and will be for 25 mins until the session times out.