Hello,
i need for some reasons to end a HTTP Session or, at least, destroy the session & conversation contexts of the session (reasons see below post if you want know).
I've tried the following:
General, i track all existing sessions in an application scoped component, including HTTP session ID, user name and so on.
First try: Using JMX MBean, e. g.:
ObjectName objName = new ObjectName("jboss.web:host=localhost,path=/MyApp,type=Manager");
mbeanServer.invoke(objName, "expireSession",
new String[] { sessionInfo.getHttpSessionId() },
new String[] { "java.lang.String" });
This works very well if using outside the application (e. g. using the JMX console). If i try that inside the application (using own
management views) i get the following exception:
ERROR [[/MyApp]] Session event listener threw exception
java.lang.IllegalStateException: Please end the HttpSession via Seam.invalidateSession()
at org.jboss.seam.contexts.Lifecycle.endSession(Lifecycle.java:221)
Second try:
I track also the SEAM session-Object:
Session session = Session.instance();
Then, later, i call
session.invalidate();
That works, but: the session context will not deleted until a HTTPP request of the killed
session! (Like SEAM's conversation timeout facility).
So this helps just as little as the first try.
Has anyone an idea to solve that problem?
Many regards,
Raimund
P.S. Why do i need that?
The problem is that a conversation writes some logical locking flags
to the database to avoid concurrently access to specific objects. These flags will be reset if the conversation ends (t. m. a conversation scoped bean is destroyed).
If now the user closes the browser without ending the action properly the object will be locked until a session timeout.
Unfortunately, SEAM conversation timeout does not help because it is detected only on a request of the session - which never will occur.
Currently, the session timeout is relatively long (30 Minutes) to prevent the user from permanently reconnect if they - for example - are disturbed by a phone call.