Quoting Frank Zammetti <[EMAIL PROTECTED]>: > How would the counter persist? Even assuming the sessions persist > (something I don't see, even though I know the sessions are fully > serializable), the counter as I previously described is in-memory as part of > a static class. Are you talking about modifying it to use a database? In > that case, yes, I agree the counter should then persist as well. > The place where you are storing the counter is a static class? You mean a static inner class? Or did you, maybe mean a static variable? You do know that static variables are transient, right?
Sessions do persist, and if you are storing an object in the session that is holding a non-static/non-transient counter variable and you restart the server, and you visit the page that shows the counter and your session hasn't timed out, then the counter value you see should reflect the last value stored before the server restart (plus incrementing the counter, if that is what you do). ...Ok, I just re-read what you wrote previously and you are talking about storing a count of sessions in a SessionListener. So, I guess what I've written kind of misses the point of what you are asking. What you'd need to do is get a handle, somehow, to Tomcat's count of sessions. All your session listner would do is count sessions which are created while the listener is listening. Even if you stored the value in a database, it probably wouldn't be valid because if sessions expired between stop and start of Tomcat, I'm not sure you SessionListener would be notified about this at startup? You'd have to investigate that. If it is called for each session expiring, you could keep that value in the database, initialize your SessionListener counter variable with that value and then let the listener remove/add sessions. Jake > Frank > > > >From: Jacob Kjome <[EMAIL PROTECTED]> > >Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]> > >To: Tomcat Users List <[EMAIL PROTECTED]> > >Subject: RE: list active sessions. > >Date: Wed, 23 Jun 2004 15:10:31 +0000 > > > >Quoting Frank Zammetti <[EMAIL PROTECTED]>: > > > > > I don't see that behavior. Is there a setting in Tomcat to turn that > > > function on and off perhaps? None of my sessions survive a Tomcat > >restart, > > > so I've never had to deal with this. > > > > > > >Tomcat will dump session objects which don't implement Serializable or are > >marked as such, but fail serialization for whatever reason. Make sure > >objects > >are serializable and the counter will persist across restarts (as long as > >the > >session hasn't already timed out). > > > >Jake > > > > > Frank > > > > > > > > > >From: "Radek Liebzeit" <[EMAIL PROTECTED]> > > > >Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]> > > > >To: "'Tomcat Users List'" <[EMAIL PROTECTED]> > > > >Subject: RE: list active sessions. > > > >Date: Wed, 23 Jun 2004 07:51:08 +0200 > > > > > > > >Really nice. > > > > > > > >I am just wondering about one thing - about "persistent sessions". I > > > >have a session counter based on the SessionListeners. It is increased > > > >when some session is created and decreased when the session is > > > >destroyed. So, when I restart the Tomcat server some sessions are > > > >recreated but counter state doesn't. Therefore, after session timeout, > > > >the counter status is negative. > > > > > > > >It's not problem for me, it is enough for my purposes. I am just > > > >wondering how do you solve this behaviour? > > > > > > > >Radek > > > > > > > > > > > > > -----Original Message----- > > > > > From: Frank Zammetti [mailto:[EMAIL PROTECTED] > > > > > Sent: Monday, June 21, 2004 3:45 PM > > > > > To: [EMAIL PROTECTED] > > > > > Subject: RE: list active sessions. > > > > > > > > > > I spent a couple of days last week implementing just such a thing, > >so > > > >I > > > > > feel > > > > > qualified to answer :) > > > > > > > > > > There is no easy way to do it. There USED to be a SessionContext > > > >object > > > > > available in the servlet spec that would allow you to do a lot of > >cool > > > > > things with sessions, but it was removed as of spec 2.1 I think > > > >because > > > > > Sun > > > > > believed it to be a security risk. Unfortunately there was nothing > > > >added > > > > > to > > > > > take it's place. > > > > > > > > > > The way you have to do this, or at least one way (the only way I > > > >found) is > > > > > to track it yourself. > > > > > > > > > > First, I already had an AppConfig object that contains a static > > > >HashMap. > > > > > This has a bunch of config values for my app loaded from a config > >file > > > >at > > > > > startup. I then added an activeSessions HashMap to that class. > > > >Create a > > > > > similar class for yourself, along the lines of the following: > > > > > > > > > > import java.util.HashMap; > > > > > public class AppConfig { > > > > > private static HashMap activeUsers = null; > > > > > public static HashMap activeUsers() { > > > > > return activeUsers; > > > > > } > > > > > public static void setActiveUsers(HashMap inActiveUsers) { > > > > > activeUsers = inActiveUsers; > > > > > } > > > > > } > > > > > > > > > > Then, create a SessionListener something like the following: > > > > > > > > > > package com.mycompany.myapp; > > > > > import java.util.HashMap; > > > > > import javax.servlet.http.HttpSession; > > > > > import javax.servlet.http.HttpSessionEvent; > > > > > import javax.servlet.http.HttpSessionListener; > > > > > public class SessionListener implements HttpSessionListener { > > > > > public void sessionCreated(HttpSessionEvent se) { > > > > > HashMap activeUsers = (HashMap)AppConfig.getActiveUsers(); > > > > > synchronized (activeUsers) { > > > > > activeUsers.put(se.getSession().getId(), new HashMap()); > > > > > } > > > > > } > > > > > public void sessionDestroyed(HttpSessionEvent se) { > > > > > HashMap activeUsers = (HashMap)AppConfig.getActiveUsers(); > > > > > synchronized (appConfig) { > > > > > activeUsers.remove(se.getSession().getId()); > > > > > } > > > > > } > > > > > } > > > > > > > > > > Then just add the following to web.xml after your <servlet> section: > > > > > > > > > > <listener> > > > > > > > > ><listener-class>com.mycompany.myapp.SessionListener</listener-class> > > > > > </listener> > > > > > > > > > > Basically, every time a session is created, you'll get an entry in > >the > > > > > activeUsers HashMap keyed by sessionID, and the record will be > >removed > > > > > when > > > > > the session is destroyed. Further, what I do is that when my logon > > > >Action > > > > > is called, when the user is validated I add some information for > >that > > > >user > > > > > into the HashMap (first name, last name, logon time, etc). This > > > >allows me > > > > > to have a pretty nice little tracking display in my app. > > > > > > > > > > The one problem you run into with this is that if the user just > >closes > > > >the > > > > > browser window rather than using your nice logout function, the > > > >session > > > > > lingers until the timeout period elapses. I didn't like that! My > >app > > > >is > > > > > frames-based, and I already had one hidden frame, so I added the > > > >following > > > > > to the <body> tag of that frame's source document: > > > > > > > > > > onUnload="openLogoffPopup();" > > > > > > > > > > ... and then the openLogoffPopup() function: > > > > > > > > > > function openLogoffPopup() { > > > > > windowHandle = window.open("", "", > > > >"width=200,height=1,top=1,left=1"); > > > > > str = "<" + "html><" + "head><" + "title><" + "/title><" + > > > >"/head>"; > > > > > str += "<" + "body > > > > > onLoad=\"window.location='<%=request.getContextPath() > > > > > + "/app/logoff.app"%>';\">"; > > > > > str += "<" + "table width=\"100%\" height=\"100%\" > >border=\"0\">"; > > > > > str += "<" + "tr><" + "td align=\"center\" valign=\"middle\">"; > > > > > str += "<" + "span > > > > > style=\"color:#000000;font-family:arial;font-size:11pt;font- > > > > > weight:bold;\">"; > > > > > str += "Logging out of application...<" + "/span"; > > > > > str += "<" + "/td><" + "/tr>"; > > > > > str += "<" + "/table>"; > > > > > str += "<" + "/body><" + "/html>"; > > > > > windowHandle.document.write(str); > > > > > windowHandle.document.close(); > > > > > } > > > > > > > > > > That calls the logoff Action whcih does not much more than > > > > > session.invalidate(). This works well in IE, I do not know if it is > > > > > cross-browser though (not a concern for my company). It should work > > > >fine > > > > > to > > > > > add this to all your JSP's, assuming your app isn't frame-based, I > > > >think > > > > > it'll work just the same. But, maybe you can live with the session > > > > > lingering if the window is closed anyway. It's probably not a big > > > >concern > > > > > if the timeout period is short enough, but you need to recognize > >that > > > >you > > > > > may see more than one session per user for a few minutes if they log > > > >on > > > > > again. > > > > > > > > > > Hope that helps! > > > > > > > > > > Frank > > > > > > > > > > > > > > > >From: Alex <[EMAIL PROTECTED]> > > > > > >Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]> > > > > > >To: Tomcat Users List <[EMAIL PROTECTED]> > > > > > >Subject: list active sessions. > > > > > >Date: Mon, 21 Jun 2004 08:52:42 -0400 (EDT) > > > > > > > > > > > > > > > > > >Is there a way to list all sessions which are currently active for > > > >the > > > > > >webapp which would be calling for such a list? > > > > > > > > > > > > > > > > > > > >--------------------------------------------------------------------- > > > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > > >For additional commands, e-mail: > >[EMAIL PROTECTED] > > > > > > > > > > > > > > > > _________________________________________________________________ > > > > > Is your PC infected? Get a FREE online computer virus scan from > > > >McAfeeR > > > > > Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > > > > > > > > > > > > > > > >--------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > >--------------------------------------------------------------------- > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > _________________________________________________________________ > > > >From ‘will you?’ to ‘I do,’ MSN Life Events is your resource for > >Getting > > > Married. http://lifeevents.msn.com/category.aspx?cid=married > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > _________________________________________________________________ > Is your PC infected? Get a FREE online computer virus scan from McAfee® > Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
