You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Klotz Jr, Dennis" <DK...@empirix.com> on 2006/02/16 14:29:29 UTC
Best practice for detecting session expiration for applets?
This might be off topic but I am hoping someone has the time to help me
out.
I recently moved from basic to forms based authentication and I am
having some problems with session expiration and my applets.
I serialize plain old java objects back and forth from my client applet
to tomcat 5.5.15 and now I am trying to recognize at the client when a
session has expired, instead of simply getting a nasty exception about
EOF on stream etc.
I'm hoping someone can give me a couple of pointers on what I should do
to handle this from an applet.
Should I do a 'normal' GET or POST heartbeat before the serialization
attempt? (really don't like this idea)?
Should I try and use HttpURLConnections getResponseCode()? (it doesn't
seem to work as I would expect).
Should I use the jakarata commons http client project? (Seems like
overkill)
Here is an example of the code followed by the exception I get on the
client side:
--------------------------
HttpURLConnection con = (HttpURLConnection)servlet.openConnection
();
Object o = null;
// Prepare for both input and output
con.setDoInput (true);
con.setDoOutput (true);
// Turn off caching
con.setUseCaches (false);
// Set the content type to be application/x-java-serialized-object
con.setRequestProperty ("Content-Type",
"application/x-java-serialized-object");
// Send headers
sendHeaders (con);
// Write the serialized object as post data
ObjectOutputStream out = new ObjectOutputStream (con.getOutputStream
());
out.writeObject (obj);
out.flush ();
out.close ();
InputStream in = con.getInputStream ();
int status = con.getResponseCode ();
System.out.println (this.getClass ().getName () + " : INFO : " +
status);
if ((status == con.HTTP_UNAUTHORIZED) ||
(status == con.HTTP_NOT_AUTHORITATIVE) ||
(status == con.HTTP_FORBIDDEN))
{
System.out.println (this.getClass ().getName () + " : WARNING :
Session timed out !!?? " );
// TODO: do something useful here. Send custom exception up...
}
ObjectInputStream result = new ObjectInputStream (in);
try
{
o = result.readObject ();
}
catch
... (snip) ...
finally
{
in.close();
result.close();
}
return (o);
-------------------------
java.io.EOFException
at java.io.ObjectInputStream$PeekInputStream.readFully(Unknown
Source)
at
java.io.ObjectInputStream$BlockDataInputStream.readShort(Unknown Source)
at java.io.ObjectInputStream.readStreamHeader(Unknown Source)
at java.io.ObjectInputStream.<init>(Unknown Source)
at
com.empirix.hm.callq.client.common.HttpMessage.sendPostMessage(HttpMessa
ge.java:212)
at
com.empirix.hm.callq.client.common.CallQSerializeData.sendViaHttp(CallQS
erializeData.java:102)
----------------------
Regards,
Dennis Klotz
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org