Invalidating session in servlet ray walker dating
Everytime someone logs, in a reference to their session is put in the Hashtable.
This way all the servlets and JSPs of the web app would have access to it.
However we do know that it may be a potential security issue and we have a mechanism in place that on sign out will trigger the invalidation of all the portlet sessions that the user has used during its session.
Alternatively you could invalidate that specific portlet session.
I'm going to mix psuedo code and real code to give you an idea of what I mean.
/* This is part of the Manager Servlet's code */ public void init( Servlet Config cfg ) throws ...