File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes Session Timeout problem Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Session Timeout problem" Watch "Session Timeout problem" New topic

Session Timeout problem

Chetan Pandey
Ranch Hand

Joined: Aug 01, 2005
Posts: 31
Hi All:

I am using Tomcat 5.5, Struts and using Form-Based JDBC Realm Authentication.

I also have a concrete implementation of HttpSessionListener which contains debug statements in both sessionCreated and sessionDestroyed methods.

When I start my program in Eclipse using Run-As->Run-On-Server, I see a debug statement in my Console

"Session has been Created".

This surprises me as I expect this to be generated when the User has logged-on to the System using the Form-based Authentication.

After I log in my session for which timeout has been set to 1 minute will expire and I will corectly get a debug statement from sessionDestroyed() method that "session has been expired".

But then I try to click on any link on my Application, it correctly redirects me to the Form-based Login Page but in the Console I see "Session has been created".

Tryin to login results redirection to the Default Error Page where the Exception printed is:

This Line corresponds to Code in my Action where I am trying to retrieve an attribute from the session and it is null.

What I dont understand is why "session" is being created on the startup of the browser - and if that is normal - why after session time-out clicking on any link "creates another session"

Thanks for your kind responses.

Rahul Bhattacharjee
Ranch Hand

Joined: Nov 29, 2005
Posts: 2308
In form based authentication the main logic of authenticating usename and password from your LDAP (or any other realm) is done by the J_security_check.That might be creating session in the advance before the user sends in the credentials to this for verification.

Rahul Bhattacharjee
LinkedIn - Blog
I agree. Here's the link:
subject: Session Timeout problem
jQuery in Action, 3rd edition