• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Paul Clapham
  • Bear Bibeault
  • Jeanne Boyarsky
Sheriffs:
  • Ron McLeod
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Jj Roberts
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • salvin francis
  • Scott Selikoff
  • fred rosenberger

help with jsp redirection after timeout

 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all

i am looking for help into 2 things;
how to redirect users to a logout page automatically when the session expires,
(i have a lot of jsp/html pages in this web-app, can this be done through tomcat maybe aka globally)
and/or
when a user clicks on a link in a page but his session has expired how to
redirect them to the login page and back again to the original requested link

any help or pointing me in the right direction is greatly appreciated.
 
Ranch Hand
Posts: 331
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

thomas Fuchs wrote:
when a user clicks on a link in a page but his session has expired how to
redirect them to the login page



You can do it with filters-

This filter would intercept all the requests to those jsps that require that the session has not expired.

In the filter,
check with a request.getSession(false) whether the session doesn't exist.
In that case, do a respone.sendRedirect(loginPage)
If you find that the session exists, you wouldn't have to do anything.

 
Marshal
Posts: 67463
173
Mac Mac OS X IntelliJ IDE jQuery Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Vishwanath Murthi wrote:check with a request.getSession(false) whether the session doesn't exist.


While using a filter is a good idea -- it's how I always do it -- checking the session itself isn't such a good idea. Rather, check for the existence of an authentication token that you place on the session when the user logs in.
 
Vishwanath Krishnamurthi
Ranch Hand
Posts: 331
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Bear Bibeault wrote:checking the session itself isn't such a good idea. Rather, check for the existence of an authentication token that you place on the session when the user logs in.

thanks, good to know.
 
Today you are you, that is turer than true. There is no one alive who is youer than you! - Seuss. Tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
reply
    Bookmark Topic Watch Topic
  • New Topic