DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=37356>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=37356 ------- Additional Comments From [EMAIL PROTECTED] 2006-03-12 14:24 ------- Since this a severe bug for our customers (because multiple concurrent sessions are not allowed for a single user ID), I use the following simple workaround: 1) A servlet Filter mapped to "/*" manages 2 session attributes (*): - the end date of the last service() call, which is more interesting than the access date - the count of running service() calls 2) An HttpSessionListener maintains a list of all valid sessions. It has a timer that checks at a fixed rate if any session in this list has expired. The inactivity duration is computed from the end date of the last service(), so long running requests are correctly handled. Sessions that have at least one running service() are not invalidated, they are checked later. (*) the order of attribute updates is important to avoid a race condition that can occur if the timer checks the session list between the two calls to session.setAttribute(). -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
