You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Joakim Verona <jo...@verona.se> on 2000/11/27 15:00:21 UTC

how do i recreate the user session after session timeout or server restart?

hello,

i have an web-app which uses form login. This works well except when the session times out or
the server is restarted(due to a software update)

the problem occurs when the user reloads a page from a no longer valid session.
tomcat then redirects the user properly to the form-login page.
only problem, then, is that the user then is redirected to the original page, which relies on a valid session.

i could of course have the session initialization code in every page, but this is error prone.
is there some more elegant way, perhaps using some form of event handler? (interceptor?)

i think the basic problem is that i cant make the form-login system actually do anything other
than setting the username in the underlying session object.

-- 
Joakim Verona
joakim@verona.se
http://www.verona.se/

Re: how do i recreate the user session after session timeout or server restart?

Posted by Dave Smith <sa...@home.com>.

Joakim,

It's easy to test for a live session (JSP code) :

 if(session == null) { response.sendRedirect("/logged-out.jsp"); return; }

You might want to read up on sessions and how to use them, for instance by
checking out Jason Hunter's book.
Obviously restarting the server destroys all current sessions...

Dave

----- Original Message -----
From: "Joakim Verona" <jo...@verona.se>
To: <to...@jakarta.apache.org>
Sent: Monday, November 27, 2000 8:00 AM
Subject: how do i recreate the user session after session timeout or server
restart?


> hello,
>
> i have an web-app which uses form login. This works well except when the
session times out or
> the server is restarted(due to a software update)
>
> the problem occurs when the user reloads a page from a no longer valid
session.
> tomcat then redirects the user properly to the form-login page.
> only problem, then, is that the user then is redirected to the original
page, which relies on a valid session.
>
> i could of course have the session initialization code in every page, but
this is error prone.
> is there some more elegant way, perhaps using some form of event handler?
(interceptor?)
>
> i think the basic problem is that i cant make the form-login system
actually do anything other
> than setting the username in the underlying session object.
>
> --
> Joakim Verona
> joakim@verona.se
> http://www.verona.se/