When I shut down Tomcat, shouldn't HttpSessionListener.sessionDestroyed() be called
for each existing session?
When users authenticate to my application, I store their username and encrypted
password in a database where it's associated with their session. When the session is
destroyed, I have a session listener delete the database row associated with that
session. However, when I shut down Tomcat I end up with orphaned rows in the database.
Is there a way to have HttpSessionListener.sessionDestroyed() called for each session
when shutting down Tomcat?
TIA!