This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Hi, I am making an application for online test. One of the requirements is to end the session of the user must be ended 1 hour after the user logged in. The time set in web.xml ends a session after the specified time only if the session is INACTIVE. Please tell me how to kill an active session after fixed time. Abhishek.
Then it's simply a case of doing at the appropriate time - inside the timer. I'll leave how to attach the timer thread to the session for you to work out
Not really for me to ask - but why would you want to kill a client that's been logged on for an hour. Don't think they'd apprechiate it much! What if they are in the middle of something which involves putting data in the session - are you just going to loose that data? Are you going to tell the user what's happened?
Joined: Sep 08, 2004
Hey Gray, Thanks for the help. I should have thought of it! Ok I am actually making an application for online test. So examinee has to either logout within 1 hour, or we will disconnect him. Sort of snatching your answer sheets after stipulated time! Hope this makes sense! Thanks again Abhishek.
You can get the time when user logs in by System.getCurrentTime() and then on every page calculate the current time again.If this time is greater than the time when user logs in by one hour then invalidate the session.
Let me know if this approch is right.
"There are no mistakes, only lessons"
Joined: Sep 25, 2005
Hi Abhishek, No problem! I understand what your doing now - still sounds a bit brutal - but we've all sat exams right ;-) Cheers, Gray
Ending the test by killing the session is a BAD BAD BAD idea.
THINK! What would you like to happen in a classroom exam when time is up?
Yes, gather the papers and grade them - you can't do that if the session is expired.
Just note the expiration of the time, stop accepting answers, and force the next output to be the grade result. Mark the session so that the user cant do anything but proceed to whatever final page you want to show, THEN invalidate the session.
Bad idea, I must say. Never rely on client-side scripting. [ October 03, 2005: Message edited by: Adeel Ansari ]