Removing a jsessionid for a soon to go invalid session

S

Steve

I have a purchased specialized search tool that cannot tolerate being
shut down before it completes its search, so when a user logs out of
our tomcat application session, I redirect them and then allow the
search to complete in a thread. At the end of that thread I invalidate
the session. The problem is that if the same user logs back in, they
are still using the
dying jsessionid and get attached to the session as it dies. I need
for them to get a new session. Is there any way to remove the
jsessionid cookie from the browser for a running tomcat session?
 
L

Lew

Steve said:
I have a purchased specialized search tool that cannot tolerate being
shut down before it completes its search, so when a user logs out of
our tomcat application session, I redirect them and then allow the
search to complete in a thread. At the end of that thread I invalidate
the session. The problem is that if the same user logs back in, they
are still using the
dying jsessionid and get attached to the session as it dies. I need
for them to get a new session. Is there any way to remove the
jsessionid cookie from the browser for a running tomcat session?
Click to expand...

I have been taught not to create threads within a Web app.

What about session.invalidate()? That will kill the session but not the thread.

I assume that the logout of which you speak is via a user click. If they
simply close their browser or time out they won't be able to re-enter the old
session in any event.

If the search is running in its own thread and the app has already sent a new
screen to the user, how does the user get to see the search results? I figure
you must have solved that aspect, and that issue interests me.

- Lew
 
S

Steve

Hi Lew,
The "search tool" runs in its own tomcat and our webapp opens a
socket to it and exchanges XML. Then the search updates on our screen
are by AJAX.
As for session.invalidate(), that is what I do, but I have to wait
for the search to complete. I have to wait only because the "search
tool" can't handle a interrupted search.

Thanks,
Steve
 
L

Lew

Steve said:
Hi Lew,
The "search tool" runs in its own tomcat and our webapp opens a
socket to it and exchanges XML. Then the search updates on our screen
are by AJAX.
As for session.invalidate(), that is what I do, but I have to wait
for the search to complete. I have to wait only because the "search
tool" can't handle a interrupted search.
Click to expand...

How does session.invalidate() interrupt the search?

- Lew
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Tomcat creates a cookie with a new jsessionid when timeout occurs 3
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Session problem: jsessionid Cookie comes back with double quotes 2
Changing from cookies to URL rewriting for session management forTomcat 5.5 0
Prohibiting session crossover for multiple JBoss instances 1
Getting the session id of a stateful web service? 0
When session is invalid, how to redirect user to the login page 3
Is there a way to detect two browsers using the same session ID? 5

Members online

Total: 55 (members: 3, guests: 52)
Robots: 469

Forum statistics

Threads
473,769
Messages
2,569,580
Members
45,054
Latest member
TrimKetoBoost

Latest Threads

Top