• Post Reply Bookmark Topic Watch Topic
  • New Topic

creating & invalidatin session

 
Ravi Kiran Gorthi
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hai Everyone,

I am new to java world and need your help in solving my problem.
My question is (1) how to create a session id and (2) how to invalidate a current session. I have written the following in my logout page, will it solve the invalidating probs.

if ((session.getAttribute(logged) == (null))
{
response.sendRedirect.(index.jsp)
}

kindly help me out.
 
Shrenik Sakriya
Ranch Hand
Posts: 40
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

The session id is generally created by the server automatically, you don't have to create it. There are two ways to invalidate user session:

1. mention <session-timeout>time-in-minutes</sessio-timeout> in DD web.xml

2. explicitly call session.invalidate() method. This you can do if you have a logoff/signout link on your website whereby user clicks on this to gracefully logout the session. In this case your app will get the request to logout & you need to call invalidate() on session which will clear the user session.

You can get session in servlet as follows:

HttpSession session = request.getSession();
OR
HttpSession session = request.getSession(true);

In JSP you get the implicit object named session which you can use to access session related stuff.

Regards,
Shrenik Sakriya
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!