2 Replies Latest reply on Jan 19, 2010 1:10 PM by bossy

    Managing user session (not web http session)

    bossy

      Hello,


      I'm trying to add user session management functionality to my application and so far haven't gotten too far.
      The user session starts the moment the user successfully logs in and ends when any of these is true:




      1. The user logs out


      2. The http session expires


      3. The browser window is closed


      4. The AS is stopped




      I want to persist the times of the beginning and the end of the user's session in my DB.


      I've already looked at some of the articles related to session management, including Christian Bauer's In relation to ... Implementing graceful session timeout with Seam, JSF, and jQuery, but there are still issues I haven't managed to resolve,


      My approach is to create a bean in SESSION scope. The time of the user logging in is persisted in the DB as the beginning of the user's session When the user logs out or the session is destroyed( therefore the bean is destroyed) - that time is logged as the end of the user's session.
      The problem with this is that the user may log in long after the web session has started.  The web session may have even expired by the time the user logs in.


      I was hoping to be able to reset the session, but can't find a way of doing this.


      My questions are:
      1. What other approaches may be available to achieve this? Note that I'm not that interested on the client aspect. Redirecting to log in page once the session has expired is enough for now.


      2. How can I reset the web session?


      Thanks.