Erik
Filip Hanik wrote:
sessions are designed exactly for that, tracking users.
tomcat stores them for you, all you need is to store your user object in the session.
Filip
-----Original Message----- From: Greg Speechley [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 3:54 PM To: Tomcat Users List Subject: RE: Tomcat 4.1.18 session objects
Hi Yoav,
I was wondering why using sessions is unreliable for tracking users who are logged in, getting last accessed time, etc? I would have thought that storing all the current sessions in a Vector (or some other data structure) with a User object (storing all their relevant info) bound to each session would work well. What alternative would you suggest because the situation described by R.C.Nougain sounds very similar to what we have where I work.
Cheers Greg Speechley
-----Original Message----- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: Wednesday, 26 February 2003 12:46 AM To: Tomcat Users List Subject: RE: Tomcat 4.1.18 session objects
Howdy,
Where can I find the changes list from Tomcat 4.0.x to Tomcat 4.1.x.
Download any release of tomcat. Explode the distribution and you'll see a bunch of release notes files, one for each labeled release, detailing what's new in that release.
| For each user session I store the reference| to the session in a Vector so that I | can tell what users are logged-in, last-accessed-time etc. It was working fine | in Tomcat 4.0.4. But in Tomcat4.1.18 (perhaps due to new specifications) session | objects are pooled (StandardSessionFactory) and hence the references I | am storing in the Vector become useless across the jsp page calls. I have a | thread that uses this Vector to clean up the users that are timedout but since | the session refs in my Vector are useless I can do nothing. Instead of | storing the refs if I store Session IDs then can I get ref to a session from | JSP Server so that I can get the attributes I have set in it. Please comment.
Since you only asked for comments... There is no new specification regarding http servlet sessions from tomcat 4.0 to 4.1. It's still the servlet spec v2.3.
Your design is vulnerable to any changes in the container session façade implementation. Note that the container is not required to provide you with a session list per se.
I don't think using sessions to track who's logged in and last-access-time for resources is reliable. But if you want to do it that way, write an HttpSessionListener. It was created for these sort of session tracking things. Move your vector into that listener. Add a reference each time a session is created, remove it when a session is destroyed. Add whatever other functionality you need to the listener.
Yoav Shapira Millennium ChemInformatics
This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
