• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Frustrated with JSP and Session timeouts

 
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm working with Tomcat 3.2.1 and I've gotten quite annoyed working with JSP and session timeouts under it. I have a web app that contains both JSP and servlets. Everything integrates nicely - cookies, url rewriting, etc. Problems didn't start until I tried to get session timeouts to work. I set up the web.xml file to configure timeouts. For testing purposes, I used one minute.
The problem I've run into is that I cannot make the JSP pages aware that a timeout occurred. For an example, the following code would work in a servlet:
if (session == null) {
// do some stuff like going to login page
}
In JSP, that'll never be null -unless- you set the following:
<%@ page session="false" %>
However, that is definitely NOT what I want to do. This results in NO session even being declared for the generated servlet. Going the route of trying to manually create a session by declaring a session object and calling the request's getSession() method doesn't help either. The ids returned are not the same so there's way of knowing what is what.
I'm at a complete loss and so are my coworkers.
Any ideas?
 
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello
Why dont you try to do session timeouts using a property in JSP
when the authentication is done, set a property value example:
///////////////////////////////
private boolean grant=false;
public void setGrant(boolean temp)
{
this.grant=temp;
}

public boolean getGrant()
{
return this.grant;
}
//////////////////////////////////
maintain the above bean program throughout the session and when you are authenticating the user you can set the propert GRANT to "true". later on in each page you can check for the boolean value of grant for that particular session and if true do the necessary procession ...later on when you want to implement logout ...just set the property to FALSE....
it has surely worked for me ... this certainly can be thought of as an alternative.Let me know if successful
bye
 
James Arendt
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That's a simple enough of a workaround. I just wish there was a non-workaround way of dealing with this. This is an area where I feel JSP is inconsistent/weak.
Or, maybe I just don't know it well enough.
 
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Read the servlet API documentation under javax.servlet.http.HttpSessionBindingListener. All you have to do is have an object implement this interface and supply the valueBound() and valueUnbound() methods. This will cause the object to receive an event when the session times out. You can do whatever you want then.
------------------
Phil Hanna
Sun Certified Programmer for the Java 2 Platform
Author of :
JSP: The Complete Reference
Instant Java Servlets
Website: http://www.philhanna.com
 
reply
    Bookmark Topic Watch Topic
  • New Topic