• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security related

 
Venu Navat
Ranch Hand
Posts: 30
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
suppose i want my application to be such that , if any action is not done for some stipulated time peroid on any jsp page ,and after that stipulated time if user tries to do some action on that jsp page, he should be taken back to login jsp..... what is the code for this ???
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I do this by putting an object into their session after a successfull login.
Then in all pages that require a valid session, I check for the existance of this object (using a filter). If this object is null, I forward them to the login page.

This would acomplish what you want. If they try to submit the form after the session expires, they would be sent to login.
[ February 10, 2005: Message edited by: Ben Souther ]
 
Rigel Kentaurus
Greenhorn
Posts: 11
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by venu navat:
suppose i want my application to be such that , if any action is not done for some stipulated time peroid on any jsp page ,and after that stipulated time if user tries to do some action on that jsp page, he should be taken back to login jsp..... what is the code for this ???


You could set a session timeout, either with the <session-timeout> in the web.xml or with the setMaxInactiveInterval in the servlet/jsp, then if that time the user was inactive then the session expires and any objects in the session are deleted, then you would have to check for your session and if not valid.... goes back to the login
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic