• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

A mock question about session

 
avseq anthoy
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your web application logs a user in when she supplies username/password. At that time a session is created for the user. Your want to let the user to be logged in only for 20 minutes. The application should redirect the user to the login page upon any request after 20 minutes of activity. Which of the following HttpSession methods would be helpful to you for implementing this functionality?




Select 1 correct option.
a getMaxInactiveInterval()


b getMaxActiveInterval()


c getLastAccessTime()


d getLastAccessedTime()


e getCreationTime()

answer:e
But I think d is more eligible for this scenario.Correct me if I was wrong.
 
George Bromfield
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
getCreationTime() returns the time the session was first created. You subtract from the current time the time returned by getCreationTime() and you see if the session has expired. So the correct answer is E.

getLastAccessedTime() returns the last time the Container got a request from that user, which is of no use to you to find out the total time he has been in a session.

hope I was clear
 
Alec Lee
Ranch Hand
Posts: 569
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
All these assume login/logout=session creation/destroy....but, I just cannot find anything in the spec dictating the container to create a session when a user login (assuming he is using declarative security mechanism).

I heard in the forum that session can be created destroyed and replaced with another session while the user is still login.

Appreciate if anyone can give more info on this area.
 
avseq anthoy
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But question says that the application should redirect the user to the login page upon any request after 20 minutes of activity.
So I think it means if user don't send any request exceed 20 minutes.
So I think getLastAccessedTime is the best method.
Correct me if I was wrong.
 
George Bromfield
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It says very clearly :You want to let the user to be logged in only for 20 minutes.
getMaxAge() is the answer. My last word
 
Nicky Eng
Ranch Hand
Posts: 378
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Catalin Morosan:
getCreationTime() returns the time the session was first created. You subtract from the current time the time returned by getCreationTime() and you see if the session has expired. So the correct answer is E.

getLastAccessedTime() returns the last time the Container got a request from that user, which is of no use to you to find out the total time he has been in a session.

hope I was clear


you given 2 answer, which is "getCreationTime()" and "getMaxAge()"..so which is the correct one???
 
Vishnu Prakash
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
getCreationTime() is the correct answer. Return time in milliseconds.

1 second = 1000 milliseconds.

Refer page 242 of HFSJ Book. The Question says only HttpSession Method and not Cookie class methods. As getMaxAge() is a cookie class method.
 
Don't get me started about those stupid light bulbs.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic