protected Boolean deleteSession(HttpServletRequest req) { // make old session invalid req.getSession().invalidate(); String sessionId = req.getSession().getId(); logger.info("==> delete session from memcached --> sessionId={}", sessionId); return iServCmsysMemcached.delete(RegionSys.SECURITY_SESSION, sessionId); }
/** * make old session in memcached invalid, and add a new session to memcached with new session id * * @param req an object supply session id * @param user a user object store in DB with session id * @return a user object with new session id store in memcached */ protected ModelUser setSession(HttpServletRequest req, ModelUser user) { // make old session invalid iServCmsysMemcached.delete(RegionSys.SECURITY_SESSION, user.getSessionId()); logger.info("==> delete session from memcached --> sessionId={}", user.getSessionId()); // add new session to memcached req.getSession().invalidate(); String sessionId = req.getSession().getId(); user.setSessionId(sessionId); Session session = new Session(SessionKey.USER, user); iServCmsysMemcached.set( RegionSys.SECURITY_SESSION, sessionId, session, Constant.SECURITY_SESSION_EXPRIE_TIME, 60000); iServUser.update(user); return user; }