• Post Reply Bookmark Topic Watch Topic
  • New Topic

Session Out, can not login in problem

 
Stephen Wei
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello, I am encountering this problem, please help.
I use IE 5.0, Turbo Linux server 6.0, Tomcat 3.3, my applications are mainly written in servlet/jsp.
I use Form-Based authentification method. So when user tries to access inside the system, the user has to login.
My problem is that if the user does not do anything inside the system, until this session out(done by tomcat I think), then when the user goes back to the entry page and ties to get into the system again, the login form does not come out, and a error code 304 is shown. But when the user pushes the enter button again, the login form comes out! Everytime it is like this, which means user can only see the login screen when he pushes the enter button the second time, I tried refresh etc, it did not help.
I am confused, what is the problem here? and what is the solution?
 
Mike Curwen
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
304? That's a not-modified message, which should not be interpreted by the browser as an error.

When you say "user tries to get into the system again", how are they doing this?

What I mean is: Did they simply let the session time out, and they're trying to do *anything* after the time-out? Or are they trying to access the 'front' page after the time-out?
Did they use the 'back' button, or type in the URL?

I'm thinking it has to do with caching of the pages, becaues of the 304 'error'.
 
Stephen Wei
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear Mike:
I am sure you are right. It seems What happens is that the user waits for the session out, then try to access the front page again, so the browser still tries to use the old password, and the authentification fails, so the error page comes out.
So it comes to the old story, the server does not know the client session if client does not inform server by logout( I am using servlet2.2, so no sessionBindListener). So I guess I can only tell my client to not wait until session out, or just refresh the screen again before access the front page again. Right?
Thanks.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!