Sessions

11155 · April 26, 2010, 12:23pm

hi all,

in my application, i have login form. while login into the application iam maintaning the details in session. i want to remove the stale sessions and while removing the stale sessions i want to perform some operattions on database . how to do this.

Regards, Rajkumar

Andy_Jeffries1 · April 27, 2010, 3:44pm

in my application, i have login form. while login into the application

iam maintaning the details in session. i want to remove the stale

sessions and while removing the stale sessions i want to perform some

operattions on database . how to do this.

How are the sessions stored? The default now is Cookie store, so you can’t easily delete all sessions. If you’re using file store, you can just remove all files in the folder, if your using a DB store you can truncate the table.

The other way is to have a version field checked/set in a filter in your application and empty any incoming session requests if they don’t have the right version. It won’t delete them all immediately, but at the time they’re being used.

Cheers,

Andy

Peter_De_Berdt · April 27, 2010, 3:56pm

Well, if you’re using the cookiestore for sessions, you don’t have to worry about stale sessions anyway. The file store should be avoided imo, the IO is simply too expensive. Database session storage is an option, although I see little to no reason to use it when you have something that just takes session storage away from the server.

Your database optimizations and operations can be run as a cron tab, just call a rake task that does what it needs to do and be done with it.

Best regards

Peter De Berdt

hassan · April 27, 2010, 4:13pm

? How so?

Peter_De_Berdt · April 27, 2010, 4:38pm

Because the session data is kept in a cookie on the client side, not on the server in any way. The session is removed on the user’s computer when he quits his browser. As long as you’re not storing more than 4KB of (sensitive) data in the session (which you should never do in the first place), it’s the least expensive session storage with the least redundant data hanging around.

Best regards

Peter De Berdt

hassan · April 27, 2010, 4:50pm

That's irrelevant if the app in question depends on inactive sessions being expired.

Peter_De_Berdt · April 27, 2010, 4:56pm

http://dev.rubyonrails.org/ticket/10751

Best regards

Peter De Berdt

hassan · April 27, 2010, 5:31pm

Interesting but also irrelevant; recognizing a request for an expired session is not the same as explicitly expiring a session and doing any necessary cleanup.

But thanks for the reference.