Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
See a HttpSession can be created even when the user is not logged in.
SRV.12.10 Login and Logout
Being logged in to a web application corresponds precisely to there being a
valid non-null value in getUserPrincipal method, discussed in SRV.12.3 and the
javadoc. A null value in that method indicates that a user is logged out.
Containers may create HTTP Session objects to track login state. If a
developer creates a session while a user is not authenticated, and the container
then authenticates the user, the session visible to developer code after login must
be the same session object that was created prior to login occurring so that there is
no loss of session information.
If a developer creates a session while a user is not authenticated, and the container
then authenticates the user, the session visible to developer code after login must
be the same session object that was created prior to login occurring so that there is
no loss of session information.
Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
There is no new session created if user logs in after he was allready using a session. So this means the sessionCreated method will not be running again and we will not be able to log this user into the session. Right?
Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
Containers may create HTTP Session objects to track login state and if they do they will store attributes in the user's session, such as the user's security related information and if that happens then the attributeAdded method will be called on HttpSessionAttributeListener.
Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
|BSc in Electronic Eng| |SCJP 6.0 91%| |SCWCD 5 92%|
What is the solution for this? Can't we use HttpSessionEvent objects to notify when a session had been changed by user log in?
Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
What is the solution for this? Can't we use HttpSessionEvent objects to notify when a session had been changed by user log in?
Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
I'd appreciate it if you pronounced my name correctly. Pinhead, with a silent "H". Petite ad:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
|