Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

session help?  RSS feed

 
Bashar Ayyash
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi guys,

I want to know how can I take user back, when session lifetime is over, to login page so if he want to continue surfing my site he needs to login again.

Regards,
 
Renu Radhika
Ranch Hand
Posts: 243
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Implement HttpSessionListener class add this in your deployment descriptor(web.xml)and in the implemented class write the code to redirect to the login page when sessionDestroyed event or Session is timed out
 
Satish Chilukuri
Ranch Hand
Posts: 266
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Renu Radhika:
Implement HttpSessionListener class add this in your deployment descriptor(web.xml)and in the implemented class write the code to redirect to the login page when sessionDestroyed event or Session is timed out


That wouldn't work as the request and response objects won't be available for a session timout event.

Bashar, what is your exact requirement, should the user be redirected if he/she has been inactive for a certain period or should the user be redirected when he/she makes a request after being inactive for a while?

The second case is straight forward. Whenever a request comes in, get the session from the request object. If no session is returned, you can redirect the user to login page.

For the first case, you can have a javascript timer which will make a request to the server after a certain amount of time (your session time out period) and the server will redirect the user to the login page.
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Satish Chilukuri:
The second case is straight forward. Whenever a request comes in, get the session from the request object. If no session is returned, you can redirect the user to login page.


Agreed.

Personal Suggestions:
- Use getSession(false), so it wouldn't create any new one
- Dont just check the session. its better to check some associated attribute with the session such as user, role, etc, if you have anything like that
 
Bashar Ayyash
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanck you guys, your advices were helpful.... ;-)

one more thing please, I want to build login page that forwared users according to their privilege, for ex. when a user with (User) privilege enters his username and password correctly he will be forwarded to the general page, when user with Mod privielege enters his username and password correctly he will be forwarded to the moderator page, and when user with Admin privilege enters his username and password correctly he will be forwarded to the Administrator page.

Thanx again for your helps.
[ March 08, 2006: Message edited by: Bashar Ayyash ]
 
Bosun Bello
Ranch Hand
Posts: 1511
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As per your last request, if you are using struts, in your action check the role that the user belongs to, then set the forward there. You will obviously have appropriate entries in your config.xml file, to map each forward to the appropriate jsp.

If you are not using struts, then just check in your controller servlet, then forward as appropriate by using the dispatcher object.
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65826
134
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
More appropriately, a servlet filter is ideal for this purpose.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!