• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

forward on session timout  RSS feed

 
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All

Can anyone tell me how to forward to an error page when the session has timed out?

I implemented

javax.servlet.http.HttpSessionBindingListener

public void valueUnbound(javax.servlet.http.HttpSessionBindingEvent event) {
// what code can I put in here to forward to
// my error page sessiontimeoutError.jsp ???
}

Thanks for any thougths ...
Amy
 
Author and ninkuma
Marshal
Posts: 66806
168
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can't since at the time that the listener is triggered you have no idea what's displayed in the user's browser or if they're even still looking at your site. Chances are they're long gone and browsing ebay or something...

The purpose of the listener is so that you can clean up after yourself if need be when the session times out.

If you want to detect that a session has timed out when a user hits one of your pages or controllers, that's a good job for a servlet filter.
 
(instanceof Sidekick)
Ranch Hand
Posts: 8791
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I use a site that has javascript on every page that pops a dialog box in the browser after n minutes. If your user is doing absolutely nothing but letting one of your pages sit there, that could warn them they are about to time out. If they wander off to Google or some other site, that script will be gone of course.
 
A Saari
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Bear - could you please help me just a little bit more?

I've created the filter class you suggested and added it to web.xml - it gets called just fine, but I don't understand how to figure out if the session has timed out and then redirect (can I use RequestDispatcher?) to the sessionTimedOut.html page I want to display.

public void doFilter (ServletRequest request,
ServletResponse response,
FilterChain chain)
{

try
{
// what code goes here ???
ServletContext sc = filterConfig.getServletContext();

chain.doFilter (request, response);

...

Thanks for any help.

Amy
 
Ranch Hand
Posts: 1512
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Saari, the filter has access to the request object. can't you just check there.
[ April 26, 2006: Message edited by: Bosun Bello ]
 
A Saari
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
well, yeah, i would have thought so but there's no getSession() method on the request object passed in - so i don't know how to gain access to the session object via the request object ...

amy
 
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


but there's no getSession() method on the request object passed in -



You can always down cast the interface type

ServletRequest req;
HttpServletRequest request = (HttpServletRequest) req;

HttpSession session = request.getSession();
 
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I do this by adding an object (userBean) to the session upon a sucessfull login. My filter checks for the existence of this object with each hit to the site. If the object doesn't exist in session (session.getAttribute("userBean" ) returns null) then I redirect the user back to the login screen.

The SessionMonitor demo app on http://simple.souther.us/not-so-simple.html has code that does this.
 
A Saari
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Vishnu & Ben

Perfect. Thank you so much!

Amy
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!