Servlet listeners : HttpSessionListener example

The following two tabs change content below.
Prasad Kharkar is a java enthusiast and always keen to explore and learn java technologies. He is SCJP,OCPWCD, OCEJPAD and aspires to be java architect.

Latest posts by Prasad Kharkar (see all)

In previous part of this series, we learned about ServletContextListener . This part will elaborate HttpSessionListener which is used to listen to session creation and destruction events.

Why is HttpSessionListener needed?

We may have a requirement to receive a notification whenever a new session is created or we would like to know how many sessions are active on the website so that we can know how many users are logged in and active on the website.

How can it be achieved?

Java EE specification provides an interface called HttpSessionListener which listens to session creation and session destruction events. This is what javadocs say.

Implementations of this interface are notified of changes to the list of active sessions in a web application.

  • sessionCreated(HttpSessionEvent event)   method receives a notification whenever a session is created.
  • sessionDestroyed(HttpSessionEvent event) method receives a notification whenever a session is destroyed.

What are we going to do?

  • Create a HttpSessionListener to listen to session events
  • Create a servlet LoginServlet which will create a new session if login is valid.
  • Create a servlet LogoutServlet which will invalidate the session.
  • Create login.jsp  which has the login form.
  • Create  welcome.jsp  having logout button.
  • Create  failure.jsp  if login is not valid.

Step 1: Create a dynamic web project

Create a dynamic web project in eclipse.

Step 2: Create MySessionListener and configure in web.xml

Create a listener called MySessionListener as follows.

Now we need to configure this HttpSessionListener in  web.xml  so that web application knows about this.In your web.xml  add this.

Step 3: Create LoginServlet and LogoutServlet and configure them in web.xml

Now we need a LoginServlet which creates a new session if credentials are valid and LogoutServlet which will invalidate the session when Logout button in clicked on welcome.jsp . So create these servlets as follows.



Configure them in web.xml as follows.


 Step 4: Create login.jsp and welcome.jsp

Now we need a page which has login form and from which LoginServlet is requested. It will take you to  welcome.jsp  if authentication is successful and a new session is created.  Welcome.jsp  will have a logout button to invalidate the session.




 Step 5: Run and test.

Now we are done with application and its time to test it out. Deploy your application under tomcat and start the server. Now hit the url http://localhost:8080/ServletListenerExamples/login.jsp . You will see the following page.


Enter username and password there and click Login. You will see a welcome message with Logout button. Click logout button and it will invalidate the session. You can confirm this from the output on console.



Share Button

Prasad Kharkar

Prasad Kharkar is a java enthusiast and always keen to explore and learn java technologies. He is SCJP,OCPWCD, OCEJPAD and aspires to be java architect.

13 thoughts on “Servlet listeners : HttpSessionListener example

  • Pingback:Servlet listeners : ServletRequestListener | theJavaGeek

  • June 10, 2015 at 1:36 pm

    But here session is not logout after 15 minutes,what is the problem,can you please suggest me?

    • June 11, 2015 at 10:33 am

      Thank you for commenting Abhishek, we can see in the logs that session is being destroyed. Could you please let me know what error you are facing?

    • June 2, 2016 at 4:10 pm


      add in your web.xml file it will happen

  • June 10, 2015 at 3:01 pm

    excellent bro,even beginner’s will understand easily..if it is possiable like this way you have to explain use of session’s,listeners and JSP Tags..

  • November 6, 2015 at 10:05 pm

    i have to store some values in hash table like keys and values in servlet1,
    i have to send that hashtable keys to another servlet2 how can i do sir plz help me

  • June 2, 2016 at 12:44 pm

    Hello Prasad,

    The concept works well to track when the sessions are created and destroyed, could you also help me understand how can I redirect to login page once the session is over without clicking the logout button?

  • August 12, 2016 at 6:13 pm

    Hi Prasad,

    thanks for the info.I just had a small Question:
    there are 2 places where you have created session:
    session = request.getSession();
    HttpSession session = request.getSession();

    but in Logs there is one line for start of session:
    “A new session is created”

    could you please explain this?

    Thanks in advance

    • August 16, 2016 at 9:00 am

      Hi Ajit, when we call request.getSession(), it is created when no session is already available. Once it is created, same session will be returned. So in this case, in LoginServlet, request.getSession(); creates the session and in LogoutServetl, request.getSession(); will return the session created by LoginServlet.

  • April 28, 2018 at 10:39 am

    A servlet acts as an intermediary between the client and the server. As servlet modules run on the server, they can receive and respond to requests made by the client . Thanks for sharing.


Leave a Reply

Your email address will not be published. Required fields are marked *