I want to invalidate sessions of users based on some Event. I store their sessionID, how to get their HttpSession from this ID? The HttpSessionContext class is deprecated with no replacement.
How to get the HttpSession object ? The HttpServletRequest interface provides two methods to get the object of HttpSession: public HttpSession getSession():Returns the current session associated with this request, or if the request does not have a session, creates one.
httpSession contains the properties, and is stored on the Web client as a cookie.
Object of HttpSession used to view & manipulate information about session - Servlets.
The methods that are already doing this are deprecated. But you can implement the your idea useing HttpSessionListener, when a new session is created store it in a HashMap with session id as a key and object is actual HttpSessionObject. You can get the reference by this.
Servlet 2.2 specifically deprecated this for security reasons so there shouldn't be any official way to do this. Not recommended but you can can try to use Manager.findSession() if you use Tomcat.
I just removed HttpSession from my application. It's really hard to keep sessions in sync when many servers are running. We tried to tweak it by writing our own manager but can never get it work right. Finally, we wrote our own session implementation with about 500-lines of code and it works much better.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With