[Try2] . Each user login session create one fixedPool . When user
logout, fixedPool.shutdown()   What about if users do not call
logout action. Where and how the fixedPool to be shutdown?   Is
there a way to auto shutdown after period of time?
You can write your own listener by implementing HttpSessionListener
and call shutdown in it's `sessionDestroyed` method. Please see [1].
[1] http://www.myjavarecipes.com/tag/session-timeout-handling-in-java/
I will try1 which can be used/shared by all login users or 2 used by
per login user session then.
set session as it's life-time, then it seems you still simply can use
that spring bean with `scope` set to `session`.
session scope can be a bad choice if your "...actions such as send
email, etc" take too long to being completed because user can log out
or session can being expired in the middle of their executions!
For users logout action, I could try to check based on future.get() to
help users know there are processes still running.
I see but I think you should not force user to not logout. Consider a
user which uses a shared computer of an airport and now wants to logout
to not miss her flight :) if you force her to being loged in, but she
leaves that shared computer and this raises security issues for her as
next person can use her session :(


To help users know there are process running, comments/warning messages are shown to users.

Users can still logout, and tasks may be lost. And users may try the same steps in the next login session.

Tasks submitted through threads or action classes are the same, if users logout in the middle of process, users will need to login again and try the same steps.


For session expired, this is not clear to me. In web.xml,
session-timeout=60 for example. Users will be considered auto-logout
only if users have not use any features(no active actions) for more than
60 mins.

If there are sub-threads submitted by action class(struts2 is
thread-safe, I could consider the action class as a main thread?), and
if sub-threads have not completed, wouldn't web.xml consider there are
still active actions?

No, it just invalidates the session. And developer has to clean up when
a session is about to be invalidated (HttpSessionListener.
sessionDestroyed).

Users logout is simple:

(1)  session.getAttribute(fixpool);
       fixpool.shutdown;

(2)
 for(String attribute: attributes)
{
     session.removeAttribute(attribute);
 }
(3)
 session.invalidate();


For auto-session timeout (not logout by users), in sessionDestroyed method, I am not able to call/run (1).

I will try HttpSessionBindingListener and see if this helps.



So, wouldn't it be that user-session auto-expired only when:
(1) users have not use any features and
(2) All sub-threads submitted by users through action classes have
completed

No, it doesn't consider what you have in session. It simply invalidates.

I didn't mean session values, I mean fixPool.submit(tasks) have not completed.

To be more clear:

(1) User login:
      fixpool is created and saved into session


(2) In Action class:
      session.get(fixpool);
      fixpool.submit(tasks);


(3) web.xml session-timeout

(3.1) If users click any features in webapp, web.xml.session-timeout are not called

(3.2) If fixpool.tasks are running (called by action class), session-timeout are still called?

So, web.xml.session-timeout does not check if threads submitted through action class are completed or not

Thanks a lot.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Reply via email to