Package com.ibm.wsspi.servlet.session

Interface IBMSessionExt

All Superinterfaces:
Externalizable, jakarta.servlet.http.HttpSession, IBMSession, Serializable
public interface IBMSessionExt extends IBMSession
The IBMSessionExt interface extends the jakarta.servlet.http.HttpSession interface of the Servlet API to
  • Invalidate all sessions with the same session id as the current session.

    WebSphere implementation of http session object implements this interface.

    Example code:

    IBMSessionExt sessExt = (IBMSessionExt)request.getSession();
    sessExt.invalidateAll(true);

    • Method Summary

      Modifier and Type
      Method
      Description
      void
      invalidateAll()
      Same as invalidateAll(false)
      If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".
      void
      invalidateAll(boolean remote)
      To invalidate all session across web applications with the same session id as the current session.

      Methods inherited from interface java.io.Externalizable

      readExternal, writeExternal

      Methods inherited from interface jakarta.servlet.http.HttpSession

      getAttribute, getAttributeNames, getCreationTime, getId, getLastAccessedTime, getMaxInactiveInterval, getServletContext, getSessionContext, getValue, getValueNames, invalidate, isNew, putValue, removeAttribute, removeValue, setAttribute, setMaxInactiveInterval

      Methods inherited from interface com.ibm.websphere.servlet.session.IBMSession

      getIBMApplicationSession, getIBMApplicationSession, getUserName, isOverflow, sync

    • Method Details

      • invalidateAll

        void invalidateAll(boolean remote) throws SecurityException
        To invalidate all session across web applications with the same session id as the current session.
        If "remote" is false, the scope is limited to the JVM. However, if persistent sessions are enabled, the session is removed from the back-end store. This will prevent any other servers from retrieving that session should that server not have the session cached or if its cached copy is determined to be invalid.
        If "remote" is true, the invalidation request is also broadcast to all other application servers that are part of the same High Available Manager (HAMgr) core-group. This defaults to the cell, but there may be multiple core-groups in a cell if explicitly configured. A single core-group can never span multiple cells.
        Remote invalidations are not processed immediately, but on the next run of the background session invalidator thread. This will happen in at most six minutes, unless the HttpSessionReaperPollInterval property is set, in which case this property setting specifies the maximun time interval. If a remotely invalidated session is requested (with req.getSession()) prior to this interval expiring, the session will be immediately invalidated so that it will not be given to the application.
        If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".
        Throws:
        SecurityException
        Since:
        WAS 6.1

      • invalidateAll

        void invalidateAll() throws SecurityException
        Same as invalidateAll(false)
        If Java 2 security is enabled, accessing this method requires com.ibm.websphere.security.WebSphereRuntimePermission with target name "accessInvalidateAll".
        Parameters:
        remote - boolean that indicates if request should be broadcast across core group
        Throws:
        SecurityException
        Since:
        WAS 6.1