How to invalidate a session based on the session id
[58 byte] By [varun.iyera] at [2007-11-26 18:51:02] 
How to invalidate a session based on the session id
# 1
You have to write your own support for this.
It used to be in the API, but was deprecated as a security hole.
The best way to do it is implement a session listener (javax.servlet.http.HttpSessionListener) which notifies you when sessions are created/destroyed.
You can then keep a map of sessions in your own code, indexed by session Id, and access any/all of them to invalidate as you choose.
evnafetsa at 2007-7-9 6:25:07 >
Enterprise & Remote Computing New Topic
- can you click a button, send a forms content and a parameter (like id?)
- Application Servers
- What's wrong with my send email app?
- What's wrong with my send email app?
- My JS code doesn't work. Please help =)
- @EJB injection within JSF managed-bean returns null object
- Servlet creating data based on input from portlet (how to pass Object)
- Acessing JavaBean's object members from inside a JSP
Enterprise & Remote Computing Hot Topic
Enterprise & Remote Computing
All Classified
- Archived Forums
- Enterprise & Remote Computing
- Java Essentials
- Desktop
- Core
- Solaris Operating System
- Security
- Database Connectivity
- Java Mobility Forums
- Web & Directory Servers
- Development Tools
- Application & Integration Servers
- Java HotSpot Virtual Machine
- Other Topics
- E-Mail, Calendar, & Collaboration
- Developer Tools
- General
- Administration Tools
- Sun Hardware
- Storage Forums
- Java Enterprise System
- StarOffice
- Open Source Technologies
- BigAdmin
- Real-Time
- Java Coding