The Session API is a subset of the Java Servlet framework.It centres around the Http Session object, which on the Servlet represents the "session of the client whose request is being processed".To obtain or create a session, we call Sessions per se aren't terribly useful without session attributes.

invalidating session on-57

Any new browser sessions will not have this cookie, and therefore the application server will initiate a new session.

I joined in a really interesting discussion about session management in web application this week.

One of the issues raised in this discussion was how to invalidate a cookie-backed session.

my problem is: i when the user logs in, i have created a session.

i define its timeout period, and the session works but the user closes its browser, and reopen it, paste the direct link whic i use in my web app., and the session is still alive..

but i want to drop the session when the user closes all the program windows..If you don't specify a maxage value when writing the session cookie, it will be treated as a temporary cookie by the browser, and destroyed when the browser is closed.For example, we can implement a "login request" as follows: public void do Get(Http Servlet Request req, Http Servlet Response res) throws Servlet Exception, IOException { String username = Parameter("username"); String password = Parameter("password"); DBUser user = fetch From Database If Valid(username, password); Http Session sess = Session(true); Attribute("USER", user); if (user == null) { // send 'no user/password match' message } else { // send 'successful login' screen } } in this case), though could actually be any Java object. and i want to end the sesion when the user closes its there any solution without a javascript ?i mean can i do it by modifying the jsp source or ? thanx Vijayakumar Govindasamy;the project is usefull and does what i want..thanx for ur help,but i think i couldnt explain what i want..