• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Tim Cooke
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • paul wheaton
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Ron McLeod
  • Piet Souris
  • Ganesh Patekar
Bartenders:
  • Tim Holloway
  • Carey Brown
  • salvin francis

security related

 
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
suppose i want my application to be such that , if any action is not done for some stipulated time peroid on any jsp page ,and after that stipulated time if user tries to do some action on that jsp page, he should be taken back to login jsp..... what is the code for this ???
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I do this by putting an object into their session after a successfull login.
Then in all pages that require a valid session, I check for the existance of this object (using a filter). If this object is null, I forward them to the login page.

This would acomplish what you want. If they try to submit the form after the session expires, they would be sent to login.
[ February 10, 2005: Message edited by: Ben Souther ]
 
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by venu navat:
suppose i want my application to be such that , if any action is not done for some stipulated time peroid on any jsp page ,and after that stipulated time if user tries to do some action on that jsp page, he should be taken back to login jsp..... what is the code for this ???



You could set a session timeout, either with the <session-timeout> in the web.xml or with the setMaxInactiveInterval in the servlet/jsp, then if that time the user was inactive then the session expires and any objects in the session are deleted, then you would have to check for your session and if not valid.... goes back to the login
 
The first person to drink cow's milk. That started off as a dare from this tiny ad:
create, convert, edit or print DOC and DOCX in Java
https://products.aspose.com/words/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!