You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by John De Lello <Jo...@DelWare.com> on 2006/08/29 17:15:23 UTC

Session Timeout

Hey Everyone,

I am trying to use a custom session timeout JSP. To do this, I extended
"RequestProcessor" and overrode "processPreprocess" and added the following
code:

        HttpSession     sess = req.getSession(false);
        
        if(sess == null){
		// even when the session IS timed out, I never get here.
             String uri = "/myapp/sessiontimeout.jsp";
             try{
                doForward(uri, req, resp);
            }catch(Exception ex){}
            
            return false;
        }

The problem is, even when I know the session was expired, I never get a null
session. Am I missing something?

Thanks 
John



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org

RE: Session Timeout

Posted by John De Lello <Jo...@DelWare.com>.
I think I found the offending code. It is located in the Struts
RequestProcessor.processLocale method (which is called *before* the
pre-process). In that method is the following code:

// Has a Locale already been selected?
HttpSession session = request.getSession();

So I will *always* get a non-null session when I get control in the
processPreprocess method. 

There doesn't seem to be a hook before any processing is done.

John

-----Original Message-----
From: Ed Griebel [mailto:edgriebel@gmail.com] 
Sent: Wednesday, August 30, 2006 9:53 AM
To: Struts Users Mailing List
Subject: Re: Session Timeout

[moving to struts-user list]
A new session is created when you request a new session somewhere,
it's not created automatically. However, there could be a filter,
request processor, action, or JSP  somewhere that does a
request.getSession() or .getSession(true) (or '... session="true"...'
in JSP), which all will create a session if none exists. If it's
buried deep enough in a chain of filters it could *appear* to be magic
:-)

There is a method isNew() on the session that you can check to see if
it's a new session that might help in your case.

-ed

On 8/30/06, Nuwan Chandrasoma <nu...@yahoo.com> wrote:
> hi,
>
>   I think a new session is created if you invoke an action mapping. this
code will not work. what you have to do is, add some attribute to the
session.. and check if that attribute is on the session. if not you can
redirect to your session timeout page.
>
>   Correct me if i am worng in here.
>
>   Thanks,
>
>   Nuwan
>
> John De Lello <Jo...@DelWare.com> wrote:
>   The mandate is no JS. I'd prefer to not use a filter either for this. I
was
> just wondering why I was getting a valid session when the session was
indeed
> expired.
>
>
> -----Original Message-----
> From: faisal abdallah [mailto:jukcoder@yahoo.co.uk]
> Sent: Tuesday, August 29, 2006 2:30 PM
> To: Struts Developers List; JohnD@DelWare.com
> Subject: RE: Session Timeout
>
> This can be done easily with javascript inside the main layout
> email me on jukcoder@yahoo.co.uk and I will send you the code
>
> skillipedia.com
>
> -----Original Message-----
> From: John De Lello [mailto:JohnD@DelWare.com]
> Sent: Tuesday, August 29, 2006 11:15 AM
> To: dev@struts.apache.org
> Subject: Session Timeout
>
> Hey Everyone,
>
> I am trying to use a custom session timeout JSP. To do this, I extended
> "RequestProcessor" and overrode "processPreprocess" and added the
following
> code:
>
> HttpSession sess = req.getSession(false);
>
> if(sess == null){
> // even when the session IS timed out, I never get here.
> String uri = "/myapp/sessiontimeout.jsp";
> try{
> doForward(uri, req, resp);
> }catch(Exception ex){}
>
> return false;
> }
>
> The problem is, even when I know the session was expired, I never get a
null
> session. Am I missing something?
>
> Thanks
> John
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
> For additional commands, e-mail: dev-help@struts.apache.org
>
>
>
>
> ---------------------------------
> Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.  Great
rates starting at 1¢/min.
>

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org






---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org

Re: Session Timeout

Posted by Ed Griebel <ed...@gmail.com>.
[moving to struts-user list]
A new session is created when you request a new session somewhere,
it's not created automatically. However, there could be a filter,
request processor, action, or JSP  somewhere that does a
request.getSession() or .getSession(true) (or '... session="true"...'
in JSP), which all will create a session if none exists. If it's
buried deep enough in a chain of filters it could *appear* to be magic
:-)

There is a method isNew() on the session that you can check to see if
it's a new session that might help in your case.

-ed

On 8/30/06, Nuwan Chandrasoma <nu...@yahoo.com> wrote:
> hi,
>
>   I think a new session is created if you invoke an action mapping. this code will not work. what you have to do is, add some attribute to the session.. and check if that attribute is on the session. if not you can redirect to your session timeout page.
>
>   Correct me if i am worng in here.
>
>   Thanks,
>
>   Nuwan
>
> John De Lello <Jo...@DelWare.com> wrote:
>   The mandate is no JS. I'd prefer to not use a filter either for this. I was
> just wondering why I was getting a valid session when the session was indeed
> expired.
>
>
> -----Original Message-----
> From: faisal abdallah [mailto:jukcoder@yahoo.co.uk]
> Sent: Tuesday, August 29, 2006 2:30 PM
> To: Struts Developers List; JohnD@DelWare.com
> Subject: RE: Session Timeout
>
> This can be done easily with javascript inside the main layout
> email me on jukcoder@yahoo.co.uk and I will send you the code
>
> skillipedia.com
>
> -----Original Message-----
> From: John De Lello [mailto:JohnD@DelWare.com]
> Sent: Tuesday, August 29, 2006 11:15 AM
> To: dev@struts.apache.org
> Subject: Session Timeout
>
> Hey Everyone,
>
> I am trying to use a custom session timeout JSP. To do this, I extended
> "RequestProcessor" and overrode "processPreprocess" and added the following
> code:
>
> HttpSession sess = req.getSession(false);
>
> if(sess == null){
> // even when the session IS timed out, I never get here.
> String uri = "/myapp/sessiontimeout.jsp";
> try{
> doForward(uri, req, resp);
> }catch(Exception ex){}
>
> return false;
> }
>
> The problem is, even when I know the session was expired, I never get a null
> session. Am I missing something?
>
> Thanks
> John
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
> For additional commands, e-mail: dev-help@struts.apache.org
>
>
>
>
> ---------------------------------
> Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.  Great rates starting at 1¢/min.
>

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org

RE: Session Timeout

Posted by Nuwan Chandrasoma <nu...@yahoo.com>.
hi,
   
  I think a new session is created if you invoke an action mapping. this code will not work. what you have to do is, add some attribute to the session.. and check if that attribute is on the session. if not you can redirect to your session timeout page.
   
  Correct me if i am worng in here.
   
  Thanks,
   
  Nuwan

John De Lello <Jo...@DelWare.com> wrote:
  The mandate is no JS. I'd prefer to not use a filter either for this. I was
just wondering why I was getting a valid session when the session was indeed
expired. 


-----Original Message-----
From: faisal abdallah [mailto:jukcoder@yahoo.co.uk] 
Sent: Tuesday, August 29, 2006 2:30 PM
To: Struts Developers List; JohnD@DelWare.com
Subject: RE: Session Timeout 

This can be done easily with javascript inside the main layout
email me on jukcoder@yahoo.co.uk and I will send you the code

skillipedia.com

-----Original Message-----
From: John De Lello [mailto:JohnD@DelWare.com] 
Sent: Tuesday, August 29, 2006 11:15 AM
To: dev@struts.apache.org
Subject: Session Timeout

Hey Everyone,

I am trying to use a custom session timeout JSP. To do this, I extended
"RequestProcessor" and overrode "processPreprocess" and added the following
code:

HttpSession sess = req.getSession(false);

if(sess == null){
// even when the session IS timed out, I never get here.
String uri = "/myapp/sessiontimeout.jsp";
try{
doForward(uri, req, resp);
}catch(Exception ex){}

return false;
}

The problem is, even when I know the session was expired, I never get a null
session. Am I missing something?

Thanks 
John




---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org



 		
---------------------------------
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.  Great rates starting at 1¢/min.

RE: Session Timeout

Posted by John De Lello <Jo...@DelWare.com>.
The mandate is no JS. I'd prefer to not use a filter either for this. I was
just wondering why I was getting a valid session when the session was indeed
expired. 


-----Original Message-----
From: faisal abdallah [mailto:jukcoder@yahoo.co.uk] 
Sent: Tuesday, August 29, 2006 2:30 PM
To: Struts Developers List; JohnD@DelWare.com
Subject: RE: Session Timeout 

This can be done easily with javascript inside  the main layout
  email me on jukcoder@yahoo.co.uk  and I will send you the code
   
  skillipedia.com

-----Original Message-----
From: John De Lello [mailto:JohnD@DelWare.com] 
Sent: Tuesday, August 29, 2006 11:15 AM
To: dev@struts.apache.org
Subject: Session Timeout

Hey Everyone,

I am trying to use a custom session timeout JSP. To do this, I extended
"RequestProcessor" and overrode "processPreprocess" and added the following
code:

HttpSession sess = req.getSession(false);

if(sess == null){
// even when the session IS timed out, I never get here.
String uri = "/myapp/sessiontimeout.jsp";
try{
doForward(uri, req, resp);
}catch(Exception ex){}

return false;
}

The problem is, even when I know the session was expired, I never get a null
session. Am I missing something?

Thanks 
John




---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org

RE: Session Timeout

Posted by faisal abdallah <ju...@yahoo.co.uk>.
This can be done easily with javascript inside  the main layout
  email me on jukcoder@yahoo.co.uk  and I will send you the code
   
  skillipedia.com

John De Lello <Jo...@DelWare.com> wrote:
  Crap, sorry. Posted to the wrong list. 



-----Original Message-----
From: John De Lello [mailto:JohnD@DelWare.com] 
Sent: Tuesday, August 29, 2006 11:15 AM
To: dev@struts.apache.org
Subject: Session Timeout

Hey Everyone,

I am trying to use a custom session timeout JSP. To do this, I extended
"RequestProcessor" and overrode "processPreprocess" and added the following
code:

HttpSession sess = req.getSession(false);

if(sess == null){
// even when the session IS timed out, I never get here.
String uri = "/myapp/sessiontimeout.jsp";
try{
doForward(uri, req, resp);
}catch(Exception ex){}

return false;
}

The problem is, even when I know the session was expired, I never get a null
session. Am I missing something?

Thanks 
John



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org






---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org



 		
---------------------------------
 Try the all-new Yahoo! Mail . "The New Version is radically easier to use" – The Wall Street Journal

RE: Session Timeout

Posted by John De Lello <Jo...@DelWare.com>.
Crap, sorry. Posted to the wrong list. 



-----Original Message-----
From: John De Lello [mailto:JohnD@DelWare.com] 
Sent: Tuesday, August 29, 2006 11:15 AM
To: dev@struts.apache.org
Subject: Session Timeout

Hey Everyone,

I am trying to use a custom session timeout JSP. To do this, I extended
"RequestProcessor" and overrode "processPreprocess" and added the following
code:

        HttpSession     sess = req.getSession(false);
        
        if(sess == null){
		// even when the session IS timed out, I never get here.
             String uri = "/myapp/sessiontimeout.jsp";
             try{
                doForward(uri, req, resp);
            }catch(Exception ex){}
            
            return false;
        }

The problem is, even when I know the session was expired, I never get a null
session. Am I missing something?

Thanks 
John



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org






---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org