Top posts
Latest articles
How To Get An Accurate Session Count With Tomcat
(No Ratings Yet)
Loading ...Recently we started to notice that even after disabling a server in our loadbalancer we still get traffic on it after two months. At least for as far as we count it. We currenlty count traffic by using the SessionListener to get notification of people leaving and coming, but somehow our counter gets stuck at about 500 sessions 2 months after switching the server of in the load balancer.
Some time back I already wrote about the setup we use in counting sessions. Read more on that in the ‘Cleaning Up Java Sessions’ post. We put live this change some time back. But I’m still having some issues with the sessions.
What we do is something like this. When a user comes in through a servlet we look if a specific object is set in the session. If not we invalidate the session and add the object. In a seperate class we catch all session starts and destructions.
Upon the session start function in HttpSessionListener we increase the counter. Upon the destruction of the session and if the our session object is set we decrease the counter. But for some reason we have some sessions that do not get cleaned up by Tomcat. Or there are some users that simply stay online for over 2 months.
To get a semi accurate count of the active session I looked into getting the amount of active sessions from the Tomcat StandardManager class. In theory you would be able to obtain this through the tomcat implementation of the HttpSession object. But for some reason these objects are package protected.
There has to be an easier way of getting an accurate count of the amount of active sessions through the tomcat API.
Cleaning Up Java Sessions
As part of a migration from Resin 1.3 to Tomcat 5 we had to migrate servers that are session based. Because we wanted to measure the time someone was on the website a listener had to be used. In resin this was done by implementing a HttpSessionBindingListener. But when we migrated to tomcat our measurements no longer worked.
Once a session became invalidated the HttpSessionBindingListener valueUnbound method was called. During this call we used the getLastAccessedTime() on the session to figure out how long the session was idle before the session was cleaned up.
During the investigation as to why the idle time was no longer logged we found out that for some reason the valueUnbound was no longer working the same in Tomcat as it used to in Resin. After some debuging it appeared as if the HttpSession.getLastAccessedTime() could no longer be used at this stage of the clean up. Every time you tried to access it I got a IllegalStateException.
Some searching on the web later toled me that this was because the session is already invalidated at this point. And an invalidated sessions information cannot be trusted. So what I had to do is build another listener. This time one that is more generic and catches all session deletions. The class to implement in order to do this is called the HttpSessionListener. The methods on this class are called when a session is made or destroyed.
By storing the last access time during the destruction the idle timeĀ is available.
