protected Boolean deleteSession(HttpServletRequest req) {
// make old session invalid
req.getSession().invalidate();
String sessionId = req.getSession().getId();
logger.info("==> delete session from memcached --> sessionId={}", sessionId);
return iServCmsysMemcached.delete(RegionSys.SECURITY_SESSION, sessionId);
}
/**
* make old session in memcached invalid, and add a new session to memcached with new session id
*
* @param req an object supply session id
* @param user a user object store in DB with session id
* @return a user object with new session id store in memcached
*/
protected ModelUser setSession(HttpServletRequest req, ModelUser user) {
// make old session invalid
iServCmsysMemcached.delete(RegionSys.SECURITY_SESSION, user.getSessionId());
logger.info("==> delete session from memcached --> sessionId={}", user.getSessionId());
// add new session to memcached
req.getSession().invalidate();
String sessionId = req.getSession().getId();
user.setSessionId(sessionId);
Session session = new Session(SessionKey.USER, user);
iServCmsysMemcached.set(
RegionSys.SECURITY_SESSION,
sessionId,
session,
Constant.SECURITY_SESSION_EXPRIE_TIME,
60000);
iServUser.update(user);
return user;
}