Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to find session is re-created

 
Seema Hanji
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How can we differenciate between when session created for first time and session re-created after session expiry.
For both the instances, HttpSession isNew() returns true. Also session attribute will be null Either for first time or after session expiry.


Thanks in advance.

[ December 02, 2004: Message edited by: Seema Hanji ]
[ December 07, 2004: Message edited by: Mark Spritzler ]
 
Scott Dunbar
Ranch Hand
Posts: 245
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One way would be to implement a listener. You can get called both when the session is created and when it is destroyed or you can have it listen to attribute changes too.
 
Seema Hanji
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to know whether session expired or not in my Struts action class.

I already have a session listener which removes EJB on session destroyed event. I don't have anyway to communicate between session listener and my action class.
 
Ritesh Agrawal
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

First of all, either way it is the same thing whether a session was created new or a session was re-created due to expiry. There is probably no way to know this just by using any availble API's. If is it necessary for you to know this, then probably the following workarounds might be tried.

1. Use cookies and store the login time of the user. Keep the cookie expiry time to 2 or 3 times the session timeout interval. And when the session is recreated, the cookie can be checked to see if the user was logged in some time before. But I must warn here that, the session might not have expired. the user could have deliberately closed the session and trying to log in again.

2. You can also keep a flag in a database or flat file (if no. of users are not more) for each user in addition to above setting. The flag would be set for the user if the session for the user was expired. So, either by combining this two strategies or by storing the last login time of the user in the database itself along with the flag you can check whether the session is new (first time created) or was recreated because of session timeout. You can use the sessionDestroyed method of javax.servlet.http.HttpSessionListener interface to track the session expiry time and flag.
 
vishwa venkat
Ranch Hand
Posts: 185
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think session_id going to be different, so u may cache the session_id and compare with the one recreated..not sure though..
 
Bob Frapples
Ranch Hand
Posts: 32
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic