I'm using Seam 2.1.1GA with JBoss 5 in a JSF project with Richfaces. I need to keep track of user sessions for security reasons so I can prevent a user from establishing more than 1 simultaneous session. I created a class that implements HttpSessionBindingListener so that I could do some housekeeping in the valueUnbound method. I was living with an IllegalStateException that was thrown and swallowed when i called oldSession.invalidate() in a method that checks to see if a user has a session that is already registered with a list I manage. After moving to JBoss, the UI behavior has changed, and I'm going to have to deal with this. Gavin and the Seam docs say this call to
invalidate is illegal, and I understand this.
But I need to be able to store the session for each user, and I've also been taking advantage of the fact I can add props to the HttpSession. So is there any way I can use the seam Session object to do what I want. Keep in mind that when I call the invalidate method, I'm not trying to invalidate the session for the current user, but a session for another user. Thanks for any help.