Reputation: 611
How to log tomcat session invalidation or user logout
How can I log situation when tomcat 7 invalidate session or when user is logged out from application because of expired session or wrong session at all. For example user sign in into webapp, he gets his jsessionid a saves it into browser cookies, then I manually invalidate session through the tomcat manager or delete jsessionid from cookies. Both of cases cause user logout but I think that this behaviour handles tomcat itselves so, i have to catch this invokation somewhere in tomcat. How can I do this?
I need this because of problem with random invalidation of session, which could be cause maybe with bad clustering (we have two nodes with sticky session) or maybe garbagge collector destroying our session but It could anything else, so I need some wider context.
I use tomcat 7, java 1.7, jsf 1.2, spring-security 3
Thank you
Upvotes: 3
Views: 3256
Answers (1)
Reputation: 10717
You have to implement an HttpSessionListener, put your logging code on the sessionDestroyed method, and register it on your web.xml file.
Here's an example:
http://www.mkyong.com/servlet/a-simple-httpsessionlistener-example-active-sessions-counter/
Upvotes: 3
Related Questions
- Strategy for logging Tomcat expired sessions
- How to handle unsuccessful Logout in Spring?
- How to logging login and logout in Spring Security 4?
- How to track login attempts in Java/Tomcat and display message that user is locked out after x tries?
- how to detect tomcat session expiration using spring
- Logging a user's login and logout activities
- How to invalidate session on logout in Spring
- Spring Security session invalidation via logout
- How to handle logout in spring application
- How to trace session creation