Manually Invalidating All Stale Sessions
1
import java.io.*;
2import java.util.*;
3import javax.servlet.*;
4import javax.servlet.http.*;
5
6
public class ManualInvalidateScan extends HttpServlet {
7
8 public void doGet(HttpServletRequest req, HttpServletResponse res)
9
throws ServletException, IOException {
10 res.setContentType("text/plain");
11 PrintWriter out = res.getWriter();
12
13 // Get the current session object, create one if necessary
14 HttpSession dummySession = req.getSession(true);
15
16 // Use the session to get the session context
17 HttpSessionContext context = dummySession.getSessionContext();
18
19 // Use the session context to get a list of session IDs
20 Enumeration ids = context.getIds();
21
22 // Iterate over the session IDs checking for stale sessions
23 while (ids.hasMoreElements()) {
24 String id = (String)ids.nextElement();
25 out.println("Checking " + id + "
");
26 HttpSession session = context.getSession(id);
27
28 // Invalidate the session if it's more than a day old or has been
29 // inactive for more than an hour.
30 Date dayAgo = new Date(System.currentTimeMillis() - 24*60*60*1000);
31 Date hourAgo = new Date(System.currentTimeMillis() - 60*60*1000);
32 Date created = new Date(session.getCreationTime());
33 Date accessed = new Date(session.getLastAccessedTime());
34
35 if (created.before(dayAgo)) {
36 out.println("More than a day old, invalidated!");
37 session.invalidate();
38
}
39 else if (accessed.before(hourAgo)) {
40 out.println("More than an hour inactive, invalidated!");
41 session.invalidate();
42 }
43 else {
44 out.println("Still valid.");
45 }
46 out.println();
47 }
48 }
49
}
50
import java.io.*;2
import java.util.*;3
import javax.servlet.*;4
import javax.servlet.http.*;5
6
public class ManualInvalidateScan extends HttpServlet {
7
8
public void doGet(HttpServletRequest req, HttpServletResponse res)9
throws ServletException, IOException {
throws ServletException, IOException 10
res.setContentType("text/plain");11
PrintWriter out = res.getWriter();12
13
// Get the current session object, create one if necessary14
HttpSession dummySession = req.getSession(true);15
16
// Use the session to get the session context17
HttpSessionContext context = dummySession.getSessionContext();18
19
// Use the session context to get a list of session IDs20
Enumeration ids = context.getIds();21
22
// Iterate over the session IDs checking for stale sessions23
while (ids.hasMoreElements()) {24
String id = (String)ids.nextElement();25
out.println("Checking " + id + "");26
HttpSession session = context.getSession(id);27
28
// Invalidate the session if it's more than a day old or has been29
// inactive for more than an hour.30
Date dayAgo = new Date(System.currentTimeMillis() - 24*60*60*1000);31
Date hourAgo = new Date(System.currentTimeMillis() - 60*60*1000);32
Date created = new Date(session.getCreationTime());33
Date accessed = new Date(session.getLastAccessedTime());34
35
if (created.before(dayAgo)) {36
out.println("More than a day old, invalidated!");37
session.invalidate();38
}39
else if (accessed.before(hourAgo)) {40
out.println("More than an hour inactive, invalidated!");41
session.invalidate();42
}43
else {44
out.println("Still valid.");45
}46
out.println();47
}48
}49
}50
