You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Hans Wichman <ha...@trimm.nl> on 2003/08/13 19:48:04 UTC
difference between session expired or session new
Hi,
I have an app in which users do not have to login, but each user does have
its own session.
I tried to come with a way to detect whether the users current session has
expired, but I can't seem to find a way to differentiate between 'no'
session and an 'expired' session.
What I had was:
if (request.getRequestedSessionId() != null &&
!request.isRequestedSessionIdValid()) {
response.sendRedirect(this.getInitParameter("session_timeout_url"));
return;
}
this works, as long as the servlet is not called from a different context
in which another session is already active.
If I use a sessionlistener to flag somewhere that the session for a certain
session id is no longer valid, this 'flag'repository will keep on growing,
it would probably take forever to cause problems, still is doesn't seem
like a good solution.
Why isn't there something like session.isValid(); so that
request.getSession(false) returns a session object which can be queried for
validness? Now it returns null, which makes it a bit hard to determine
session history.
Greetz
Hans