You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@myfaces.apache.org by Michael Wiedmann <mi...@detewe.de> on 2005/07/04 09:33:00 UTC

jsp:redirect after session timeout

If the session timeout value expires (default: 30 min.) the user should
be redirected to the login page. This worked until some time in the past
but now (using myfaces 1.0.8, Tomcat 5.0.30) we notice the following:

We have a code fragment which checks for a session attribute "loginname"
and if this check results in "null" (because the session has expired or
the user has not yet successfully logged in) we want to redirect him
using "jsp:forward":

<%
  String _loginname = (String)session.getAttribute("loginname");
  if (_loginname == null)
  {
%>
    <jsp:forward page="/faces/jsp/login.jsp" />
<%}%>

The check itself works but the attempt to redirect results in a:

java.lang.IllegalStateException: Error: Attempt to clear a buffer \
   that's already been flushed

Any hints?

Michael
--

Re: jsp:redirect after session timeout

Posted by Mike Kienenberger <mk...@gmail.com>.

On 7/4/05, Michael Wiedmann <mi...@detewe.de> wrote:
> If the session timeout value expires (default: 30 min.) the user should
> be redirected to the login page. This worked until some time in the past
> but now (using myfaces 1.0.8, Tomcat 5.0.30) we notice the following:
> 
> We have a code fragment which checks for a session attribute "loginname"
> and if this check results in "null" (because the session has expired or
> the user has not yet successfully logged in) we want to redirect him
> using "jsp:forward":
> 
> <%
>   String _loginname = (String)session.getAttribute("loginname");
>   if (_loginname == null)
>   {
> %>
>     <jsp:forward page="/faces/jsp/login.jsp" />
> <%}%>
> 
> The check itself works but the attempt to redirect results in a:
> 
> java.lang.IllegalStateException: Error: Attempt to clear a buffer \
>    that's already been flushed

If a session has been marked invalidated, you'll get
IllegalStateException, not null, when using getAttribute.

http://java.sun.com/products/servlet/2.2/javadoc/javax/servlet/http/HttpSession.html#getAttribute(java.lang.String)

Unfortunately, the only way to detect if a session is invalidated is
to catch IllegalStateException.

-Mike