On 7/28/05, Frank W. Zammetti <[EMAIL PROTECTED]> wrote:
> Nope, not as far as I know... in fact, I just implemented a listener
> today that does some maintenace-type things like the code below, and it
> works fine, that's under Tomcat 5.5.28 I believe... spec 2.3 as I recall?
I believe that Tomcat 4.x was at spec 2.3 level and Tomcat 5.x is at
spec 2.4 level. In any case, I'm using a Jetty 4.2.x container which
I'm absolutely certain only has spec 2.3 support.
>
> sessionDestroyed() would be all but useless if you couldn't get at the
> attributes, I would be utterly shocked if the spec changed in that
> way... I'd bet you saw either a bad implementation, or you actually ARE
> losing your mind :) (not to worry, wherever yours is, mine is right
> behind it!)
I totally agree, but, all I was able to get was the jsessionid. It
turns out we had a database table for auditing purposes already. So, I
was able to stick the jsessionid into the login audit entry for the
user. This allowed me to determine the user associated with session
just destroyed so that I could add an audit table entry for the
matching logout for that user too.
Believe me, I wouldn't have gone to all that trouble if the session
data was available for me to get to the user attribute in the session.
This has stirred my curiosity. I'll give it another go for my current
project (we weren't using Jetty on the previous project) and report
back.
-Van
>
> Frank
>
> Van wrote:
> > On 7/25/05, Frank W. Zammetti <[EMAIL PROTECTED]> wrote:
> >
> >>SessionListener is what you want.
> >>
> >>Here's an example from one of my apps (condensed for space)... it is used
> >>to delete a temporary PDF that may have been generated for the user when
> >>they log off:
> >>
> >>import company.app.User;
> >>import javax.servlet.http.HttpSession;
> >>import javax.servlet.http.HttpSessionEvent;
> >>import javax.servlet.http.HttpSessionListener;
> >>public class MySessionListener implements HttpSessionListener {
> >> public synchronized void sessionCreated(HttpSessionEvent se) {
> >> }
> >> public synchronized void sessionDestroyed(HttpSessionEvent se) {
> >> HttpSession sess = se.getSession();
> >> User user = (User)sess.getAttribute("user");
> >> String userID = user.getUserID();
> >> AppHelpers.deletePDF(userID);
> >> }
> >>}
> >
> >
> > I could be losing my mind, but, I swear that I tried this technique
> > once and by the time the sessionDestroyed() method was called, I was
> > not able to get any of the session attributes back anymore. For
> > various reasons, the webapps I develop need to be deployable in a
> > Servlet 2.3 environment. Is this something where the behavior changed
> > for the better in Servlet 2.4 versus 2.3?
> >
> > -Van
> >
>
> --
> Frank W. Zammetti
> Founder and Chief Software Architect
> Omnytex Technologies
> http://www.omnytex.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
- Mike "Van" Riper
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
