No - there's not a reliable way to do it. You could lower your session timeout - or simply inform your users of the consequences of not logging out. Of course, there are going to be some folks who will have Windows crash on them (!) and they might get a bit perterbed that - through no fault of their own - they have to wait for their session to expire before they can log back in.
You might ... give yourself a way to get ahold of the existing session and close that session. Of course ... that could perterb some folks too :-) I suppose you could examine it before you close it and see how long it has been idle. You could then implement some policy of "A session must be idle XX minutes before we can manually 'trash' it". So you'd wind up examining the session on basis of how long it has sat idle - and only drop folks that are idle for a given period of time (ex. session timeout is normally 30 minutes, but you implement an "agressive" timeout of 15 minutes [ or shorter, according to your view/needs ]). Aravapalli, Udaya wrote: >Hi > > I want to check if an user tries to login with an userId for >which a session is already existing and show a message. > > This can also be applied if two users want to share the same >userId and try to login at the same time. > Whenever a session is being created by the user , I want to >store the userId in the database using the valueBound method in >HttpSessionBindingListener and remove it from the Database when the >session is invalidated using the valueUnbound method. But this will >not work if the user does not explicitly invalidate the session (like >closing the browser).Then the session will remain active until the >session time out has reached. Is there any way to determine an browser >closing action by the user and invalidate the session.. > >thanks >Uday > -- Eddie Bush -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
