Package com.ibm.wsspi.servlet.session
Interface IBMSessionExt
- All Superinterfaces:
Externalizable
,javax.servlet.http.HttpSession
,IBMSession
,Serializable
The IBMSessionExt interface extends the javax.servlet.http.HttpSession
interface of the
Servlet API to
Invalidate all sessions with the same session id as the current
session.
WebSphere implementation of http session object implements this interface.
Example code:
IBMSessionExt sessExt = (IBMSessionExt)request.getSession();
sessExt.invalidateAll(true);
-
Method Summary
Modifier and TypeMethodDescriptionvoid
Same as invalidateAll(false)
If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".void
invalidateAll
(boolean remote) To invalidate all session across web applications with the same session id as the current session.Methods inherited from interface java.io.Externalizable
readExternal, writeExternal
Methods inherited from interface javax.servlet.http.HttpSession
getAttribute, getAttributeNames, getCreationTime, getId, getLastAccessedTime, getMaxInactiveInterval, getServletContext, getSessionContext, getValue, getValueNames, invalidate, isNew, putValue, removeAttribute, removeValue, setAttribute, setMaxInactiveInterval
Methods inherited from interface com.ibm.websphere.servlet.session.IBMSession
getIBMApplicationSession, getIBMApplicationSession, getUserName, isOverflow, sync
-
Method Details
-
invalidateAll
To invalidate all session across web applications with the same session id as the current session.
If "remote" is false, the scope is limited to the JVM. However, if persistent sessions are enabled, the session is removed from the back-end store. This will prevent any other servers from retrieving that session should that server not have the session cached or if its cached copy is determined to be invalid.
If "remote" is true, the invalidation request is also broadcast to all other application servers that are part of the same High Available Manager (HAMgr) core-group. This defaults to the cell, but there may be multiple core-groups in a cell if explicitly configured. A single core-group can never span multiple cells.
Remote invalidations are not processed immediately, but on the next run of the background session invalidator thread. This will happen in at most six minutes, unless the HttpSessionReaperPollInterval property is set, in which case this property setting specifies the maximun time interval. If a remotely invalidated session is requested (with req.getSession()) prior to this interval expiring, the session will be immediately invalidated so that it will not be given to the application.
If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".- Throws:
SecurityException
- Since:
- WAS 6.1
-
invalidateAll
Same as invalidateAll(false)
If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".- Parameters:
remote
- boolean that indicates if request should be broadcast across core group- Throws:
SecurityException
- Since:
- WAS 6.1
-