Invalidating session in
Invalidating session in - punk rock online dating
I have also implemented session.invalidate in the Logout Servlet too. Dhana The best piece of advice I can give with regards to the session is not to rely on it too much.
Once the session is successfully invalidated it clears all of its authenticated data (see data).
When invalidation succeeds this will trigger the invalidation Succeeded event.
and according to sun this method is depreciated for security reason.
so kindly is there any alternative way we have many thing like remote ip address, Session Listner, Context Listner etc. The best method to invalidate session or not allowing a user to have more than one session, is to create the context scoped map and store the session id and all the relevant info of user into the map.
I have idea like by using Http Session Listener we can do.
But after creating a class of Http Session Listener, what should I do.
The session handles the returned promise and when it resolves becomes authenticated, otherwise remains unauthenticated.
All data the authenticator resolves with will be accessible via the session data's property. A resolving promise indicates that the session was successfully authenticated while a rejecting promise indicates that authentication failed and the session remains unauthenticated.
We have already seen invalidate() method in session implicit object tutorial. Here we will see how to validate/invalidate a session.
Lets understand this with the help of an example: In the below example we have three jsp pages.
The session service provides access to the current session as well as methods to authenticate it, invalidate it, etc.