0 Replies Latest reply on Apr 28, 2014 4:30 PM by lar_kel

    How to catch the timepoint before session times out to get caller's principal in EJB

    lar_kel
    lar_kel Apr 28, 2014 4:30 PM

      Hi,

      I'm having a problem with a Java web application deployed on JBoss 7.1.2.

      I use Java EE 6. There is a singleton bean responsible for authentication deployed on JBoss separately from the Java web application. I wanted to track the use statistics when users log in/out.

      If users log out by clicking the logout button before the http session times out then the auth ejb can still get the principal information by calling sessionContext.getCallerPrincipal().getName(). But when session times out the principal returned by the same call is "anonymous". I call the auth bean when http session is destroyed:

      @WebListener
      public class SessionRecorder implements HttpSessionListener
      {
         @Override
          public void sessionCreated(HttpSessionEvent event)
          {}

          @Override
          public void sessionDestroyed(HttpSessionEvent event)
          {
              //Call auth ejb; sessionContext.getCallerPrincipal().getName() is called inside the ejb
          }
          }
      }

      Some actions must have happened to EJB context before HTTP session listener is called when session times out.

      Can someone please help me with this problem? Is there anyway to catch the status that timeout is about to happen? Apparently it is too late to catch it in Http Session Listener.

       

      Thanks,