IBM WebSphere Application ServerTM
Release 7

com.ibm.wsspi.servlet.session
Interface IBMSessionExt

All Superinterfaces:
java.io.Externalizable, javax.servlet.http.HttpSession, com.ibm.websphere.servlet.session.IBMSession, java.io.Serializable

public interface IBMSessionExt
extends com.ibm.websphere.servlet.session.IBMSession

The IBMSessionExt interface extends the javax.servlet.http.HttpSession interface of the Servlet API to

  • Invalidate all sessions with the same session id as the current session.

    WebSphere implementation of http session object implements this interface.

    Example code:

    IBMSessionExt sessExt = (IBMSessionExt)request.getSession();
    sessExt.invalidateAll(true);


    Method Summary
     void invalidateAll()
              Same as invalidateAll(false)
    If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".
     void invalidateAll(boolean remote)
              To invalidate all session across web applications with the same session id as the current session.
     
    Methods inherited from interface com.ibm.websphere.servlet.session.IBMSession
    getIBMApplicationSession, getIBMApplicationSession, getUserName, isOverflow, sync
     
    Methods inherited from interface javax.servlet.http.HttpSession
    getAttribute, getAttributeNames, getCreationTime, getId, getLastAccessedTime, getMaxInactiveInterval, getServletContext, getSessionContext, getValue, getValueNames, invalidate, isNew, putValue, removeAttribute, removeValue, setAttribute, setMaxInactiveInterval
     
    Methods inherited from interface java.io.Externalizable
    readExternal, writeExternal
     

    Method Detail

    invalidateAll

    void invalidateAll(boolean remote)
                       throws java.lang.SecurityException
    To invalidate all session across web applications with the same session id as the current session.
    If "remote" is false, the scope is limited to the JVM. However, if persistent sessions are enabled, the session is removed from the back-end store. This will prevent any other servers from retrieving that session should that server not have the session cached or if its cached copy is determined to be invalid.
    If "remote" is true, the invalidation request is also broadcast to all other application servers that are part of the same High Available Manager (HAMgr) core-group. This defaults to the cell, but there may be multiple core-groups in a cell if explicitly configured. A single core-group can never span multiple cells.
    Remote invalidations are not processed immediately, but on the next run of the background session invalidator thread. This will happen in at most six minutes, unless the HttpSessionReaperPollInterval property is set, in which case this property setting specifies the maximun time interval. If a remotely invalidated session is requested (with req.getSession()) prior to this interval expiring, the session will be immediately invalidated so that it will not be given to the application.
    If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".

    Throws:
    java.lang.SecurityException
    Since:
    WAS 6.1

    invalidateAll

    void invalidateAll()
                       throws java.lang.SecurityException
    Same as invalidateAll(false)
    If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".

    Parameters:
    remote - boolean that indicates if request should be broadcast across core group
    Throws:
    java.lang.SecurityException
    Since:
    WAS 6.1

    IBM WebSphere Application ServerTM
    Release 7