I'd like to create a session for my web page that expires after 15-20 minutes- then, once expired, have the user forwarded to the login page. I think I've got the timing thing down... session.setMaxInactiveInterval( x ); The part I don't know how to do is check for the invalid session and do the forward. I haven't found any way to tell if the session.isInactive(); Here's what I'd like to do:
There is no isInactive() function... that I know of. How can this be done? Thank you.
Alternatively, you can use the standard authentication mechanism and set the sessions to timeout (at the application level) after X minutes. Users will then automatically be returned to the login page when they try to access a protected resource. Simon
Or if you don't want to use the standard authentication mechanisn, you could use a filter (from Servlets 2.3) to wrap up this logic for you. This saves you putting it on every page. Simon