As far as I know there is no way to get the list of active sessions for security reasons, some time ago I wanted to display in my application a list of active sessions, what I did is to implement some listeners, it is tricky but fun once you understand how it works.
The first listener I implemented was an HttpSessionListener (declared in my web.xml file), the listener has a method sessionCreated() and sessionDestroyed() that I used to update my list of active sessions. The tricky part is when the server is restarted, because tomcat serializes the sessions and after a restart there will be active sessions that are created without a sessionCreated() event (which makes sense because they were not destroyed, just serialized). I handle this situation with a SessionActivationListener interface that has a method sessionDidActivate(), usefult to update my list of active sessions. The SessionActivationListener is used for any attribute that you add to a session with the setAttribute() method. To make this listener available I just added an object that implements the listener in the HttpSessionListener.sessionCreated() method. Regards -----Original Message----- From: Felipe Jaekel [mailto:fkjae...@gmail.com] Sent: Thursday, October 18, 2012 3:59 PM To: Tomcat Users List Subject: Re: Get active session list Found the following: context = (Context) wrapper.getParent(); > host = (Host) context.getParent(); > > Context ctx = (Context) host.findChild(name); > Manager manager = ctx.getManager(); > Session [] sessions = manager.findSessions(); Had the same doubt I had when I looked at the PSI Probe code some days ago: how to handle the wrapper property? As a alternative I tried to implement *HttpSessionActivationListener*, but the methods aren't called when I restart the server. Thanks again for the help, Phillip 2012/10/18 Christopher Schultz <ch...@christopherschultz.net> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Felipe, > > On 10/18/12 9:34 AM, Felipe Jaekel wrote: > > I need to get the active session list. Searching about I saw a lot > > of people with the same question, but no answer. > > > > I don't want to write a list inside a HttpSessionListener and keep > > the session list there, because I use session serialization and the > > list inside the listener would be destroyed in case the server is > > restarted. > > You *can* get notification of sessions being de-serialized from the > disk to maintain your list. Look at the other session-related > listeners in the servlet API. > > You could also use JMX to get a list of sessions. Use JConsole to > poke-around in Tomcat's JMX beans and find the one(s) that expose > sessions. You may have to make your webapp "privileged" in order to > make JMX calls. > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.17 (Darwin) > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ > > iEYEARECAAYFAlCAEgwACgkQ9CaO5/Lv0PARBACfZ+EG7KJWXt+49sbB1kVsLunF > A4MAoKv1hM4KBlaAS4a1UaP0ePqfRr3W > =n3WU > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > Notice: This e-mail message, together with any attachments, contains information of Merck & Co., Inc. (One Merck Drive, Whitehouse Station, New Jersey, USA 08889), and/or its affiliates Direct contact information for affiliates is available at http://www.merck.com/contact/contacts.html) that may be confidential, proprietary copyrighted and/or legally privileged. It is intended solely for the use of the individual or entity named on this message. If you are not the intended recipient, and have received this message in error, please notify us immediately by reply e-mail and then delete it from your system. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
