my dog learned polymorphism*
The moose likes JSP and the fly likes security related Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "security related" Watch "security related" New topic
Author

security related

Venu Navat
Ranch Hand

Joined: Dec 28, 2004
Posts: 30
suppose i want my application to be such that , if any action is not done for some stipulated time peroid on any jsp page ,and after that stipulated time if user tries to do some action on that jsp page, he should be taken back to login jsp..... what is the code for this ???


-Venu Navat
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

I do this by putting an object into their session after a successfull login.
Then in all pages that require a valid session, I check for the existance of this object (using a filter). If this object is null, I forward them to the login page.

This would acomplish what you want. If they try to submit the form after the session expires, they would be sent to login.
[ February 10, 2005: Message edited by: Ben Souther ]

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Rigel Kentaurus
Greenhorn

Joined: Feb 09, 2005
Posts: 11
Originally posted by venu navat:
suppose i want my application to be such that , if any action is not done for some stipulated time peroid on any jsp page ,and after that stipulated time if user tries to do some action on that jsp page, he should be taken back to login jsp..... what is the code for this ???


You could set a session timeout, either with the <session-timeout> in the web.xml or with the setMaxInactiveInterval in the servlet/jsp, then if that time the user was inactive then the session expires and any objects in the session are deleted, then you would have to check for your session and if not valid.... goes back to the login
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: security related