> When a user hits the site, they get allocated a unique 48 character
session
> ID (allocated by me). If they then login, I tie that sessionId to a
userId
> (both rows in seperate tables)
>
> But I have a design question... They can log-out, but many do not
> (obviously), so what would be the best way of clearing out-of-date
> sessionIds at regular intervals?
Sorry, just re-read this. So... you're making your own session IDs and
storing them in the database? Why? If you let the app server do that work
for you, you can take advantage of the solution I suggested before.
Assuming that is not an option, I would say you are on the right track with
the timer MBean. You'll need a field in your "session" table that gets
updated every time one of your users hits a page. Otherwise you have no way
of knowing when they have been logged in for a long time and are still
working or have left without logging out. (Another argument for using the
non-database solution, IMHO.)
~Mike
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
