HttpSession: getCreationTime()
import java.io.IOException;
import java.util.Date;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class ManualInvalidate extends HttpServlet {
public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException,
IOException {
res.setContentType("text/html");
HttpSession session = req.getSession();
// Invalidate the session if it's more than a day old or has been
// inactive for more than an hour.
if (!session.isNew()) { // skip new sessions
Date dayAgo = new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000);
Date hourAgo = new Date(System.currentTimeMillis() - 60 * 60 * 1000);
Date created = new Date(session.getCreationTime());
Date accessed = new Date(session.getLastAccessedTime());
if (created.before(dayAgo) || accessed.before(hourAgo)) {
session.invalidate();
session = req.getSession(); // get a new session
}
}
}
}
Related examples in the same category