How to call sessionDestroyed when a session times out

Question

I am new to JSP. I used the following code in a class that implements HttpSessionListener to get SESSION OUT when the session times out:

    public void sessionCreated(HttpSessionEvent arg0) {  
        System.out.print("SESSION Created");
    }

    public void sessionDestroyed(HttpSessionEvent arg0) {
        System.out.print("SESSION OUT");
    }

and I set in web.xml:

  <session-config>
     <session-timeout>1</session-timeout> 
  </session-config>

The servlet waits more than two minutes, then it calls sessionDestroyed.

Is there is a way to force sessionDestroyed when time out ?

Thanks in advance.

Answer 1

What makes you think that sessionDestroyed is not being called when the session times out? Or in other words, what's you interpretation of the fact it gets called at all?

The servlet will handle the validity of sessions in its own manner, including session timeouts, and when it determines that the session is no longer valid it will call your method. However, I don't think any servlets guarantee any particular timeliness in this regard; my understanding is that it's a bit like garbage collection in that it is guaranteed to happen at some point, but not necessarily at the earliest possible instance that the session becomes eligible for destruction.

In any case, it seems almost certain that the servlet is doing what you want - seeing that the session is timed out and calling the appropriate method - the only question is whether you're going to see this exactly 60 seconds after the last request or a bit later. I would suggest that in general you shouldn't rely on the exact timings of when this method is called; use it to clear up resources, sure, but not for something like program correctness (you'll get IllegalStateExceptions if calling methods on an invalid session anyway). If you feel you really must rely on this, perhaps explain what you're doing so that others can suggest more suitable ways to achieve this.

Answer 2

I don't think the J2EE spec makes any guarantees about when the methods on the listener will be called. It just states that they will be called at some point.

I've seen code which worked on one container (Tomcat) but didn't work on another container (OC4J). The developers had made an invalid assumption about when the sessionDestroyed method will be called.

UPDATE

Note that the behaviour of this interface changed in v2.4 of the servlet spec. See page 21 for details.

Answer 3

when you force the user to logout via the invalidate() method that the HttpSessionListener sessionDestroyed() method is called twice, once when they logout, and a second time after some delayed time period. This occurs if after the logout you redirect the user back to a web page within your application. What you're essentially doing is starting another session (which may not be immediately obvious if you haven't added security/authentication requirements to all your web pages), and the delayed second call of the sessionDestroyed() method is a timeout occurring. The simple solution, on logout redirect the user to a web page outside of your application.Read this article session

Answer 4

The servlet waits more than two minutes, then it calls sessionDestroyed.

Is there is a way to force sessionDestroyed when time out ?

This is implementation specific (application server dependent). There is a background thread which checks the sessions at timed intervals and reaps all the expired ones. This may occur every minute but can also be every 15 minutes. They will also be reaped immediately if you fire a request while the associated session has already been timed out but not reaped yet.

Thus if you for instance wait one minute and fire a new request, then it will be immediately reaped. There is really no need to worry about that. You don't need to force it to reap them immediately, that would have been an expensive task. You know, it's all just about programming, not about some magic ;)

Answer 5

thanks all, I force session calling using timer, this works for me thanks all for your efforts