1

I currently have a Spring 3 project and what I want to do is retrieve my session when the session expires. I have been doing some research and apparently the HttpSessionBindingListener can handle this although in a Spring project, I can't seem to figure out how to implement this properly. Within my session, I save a UserDetailsImpl object which contains my User object. Should I be implementing the HttpSessionBindingListener on the stated objects?

To be clear, what I want to do is retrieve the user's id from the session object before it expires.

EDIT: Apparently the HttpSessionBindingListener does not work properly in Websphere but it is okay in Tomcat. Are there any other alternatives?

mpmp
  • 2,409
  • 4
  • 33
  • 46

1 Answers1

1

You can also register listener in web.xml:

<listener>
    <listener-class>com.example.MyHttpSessionListener</listener-class>
</listener>

And use method sessionDestroyed()

This is detailed describd in this answer: https://stackoverflow.com/a/3720512/516167

Inject Spring Application Context in this Listener like is described in this question:

How to inject dependencies into HttpSessionListener, using Spring?

Other possible solution are described here:

Logout/Session timeout catching with spring security

Community
  • 1
  • 1
MariuszS
  • 30,646
  • 12
  • 114
  • 155