aspose file tools*
The moose likes Servlets and the fly likes how to check whether the session is valid or not? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "how to check whether the session is valid or not?" Watch "how to check whether the session is valid or not?" New topic
Author

how to check whether the session is valid or not?

sandeep tava
Greenhorn

Joined: Apr 02, 2008
Posts: 9
can anyone tell me how to check whether the session is valid or not by using the sessinId?
Jesper de Jong
Java Cowboy
Saloon Keeper

Joined: Aug 16, 2005
Posts: 14347
    
  22

sunny pearls, please check your private messages. You can see them by clicking My Private Messages.


Java Beginners FAQ - JavaRanch SCJP FAQ - The Java Tutorial - Java SE 8 API documentation
Amit Ghorpade
Bartender

Joined: Jun 06, 2007
Posts: 2716
    
    6

Why do you need to check it using the session id?
Please tell some details.


SCJP, SCWCD.
|Asking Good Questions|
sandeep tava
Greenhorn

Joined: Apr 02, 2008
Posts: 9
i want to restrict the user login only if his previous session is closed.For that i have to validate his previous session using his sessionid.
Giovanni De Stefano
Ranch Hand

Joined: Aug 17, 2004
Posts: 144
Hello Sunny,

from what I understood what you want to do is to check if the session is new:



I hope it helps.

Giovanni


SCJP 1.4
Seetharaman Venkatasamy
Ranch Hand

Joined: Jan 28, 2008
Posts: 5575

Originally posted by Giovanni De Stefano:





I doubt on This ,it will not suit to sandeep requirment .what happend that user is open from other browser?



[ September 17, 2008: Message edited by: seetharaman venkatasamy ]
[ September 17, 2008: Message edited by: seetharaman venkatasamy ]
Satya Maheshwari
Ranch Hand

Joined: Jan 01, 2007
Posts: 368
i want to restrict the user login only if his previous session is closed.For that i have to validate his previous session using his sessionid.


Could you please explain, what is meant by "previous session" here? It is required that a user should be logged in only once into the application i.e. cannot login twice at the same time. For such a requirement you could consider maintaining a list of logged in users in the ServletContext and prevent login if the name already figures in this list.

I do not think "HttpSession" would serve the purpose, neither it is the correct place as it is useful for stuff which happens within a session, not across sessions.


Thanks and Regards
Giovanni De Stefano
Ranch Hand

Joined: Aug 17, 2004
Posts: 144
Hello Seetharaman,

I am not sure I understood your question properly (if not please rephrase).

Keep in mind that the Client to a Servlet is a Browser (name it Internet Explorer).

If you run the code in my previous post, you will see that the fist time the Servlet is accessed a session is created and isNew() evaluates true.

Any other time the user accesses the Servlet from the same Browser window (Internet Explorer) or from any newly created Browser window (still Internet Explorer) isNew() evaluates false, thus the other branch of code is executed.

Obviously, if you access the Servlet from a different Browser (name it Firefox) a new session is created.

I was just trying to answer the question, what I would have done is to check both the session and the login status. In pseudo code:

1) create a session
2) if the session is new then redirect to login
3) if login successful then remember loginstatus
4) if the session is not new and the user is not logged in then redirect to login
5) else (session not new and user logged in) do whatever you have to...

I hope this clarifies my point of view.

If I am wrong, please provide details why I am wrong (are we all here to learn, aren't we?).

Cheers,
Giovanni
[ September 17, 2008: Message edited by: Giovanni De Stefano ]
Seetharaman Venkatasamy
Ranch Hand

Joined: Jan 28, 2008
Posts: 5575

well Giovanni,


i also did sample application, when i enter first time it is redirecting to the new page.. then i logout from the application. again i want to enter now it is not allowing me !!!

please correct me, if i am wrong
Giovanni De Stefano
Ranch Hand

Joined: Aug 17, 2004
Posts: 144
Hello Seetharaman,

can you post your code so that we can give it a look?

I think that is the easiest way to understand what if going on.

Cheers,
Giovanni
Seetharaman Venkatasamy
Ranch Hand

Joined: Jan 28, 2008
Posts: 5575

My Servlet code:



i try to enter first time from mozilla as well as IE... what you think of the output? as per your explanation..

second time also i try...


but all the time i am going www.gmail.com

please can you explain me
Giovanni De Stefano
Ranch Hand

Joined: Aug 17, 2004
Posts: 144
Hello Seetharaman,

it actually works for me!

The first time I hit http://localhost:8080/TestSession/Test.do I am properly redirected to Google; the second time I hit http://localhost:8080/TestSession/Test.do I am redirected to Gmail; and the third time I am redirected to Google...

Exactly as your code says!

Are you sure you are typing in the right url each time?

Giovanni
Seetharaman Venkatasamy
Ranch Hand

Joined: Jan 28, 2008
Posts: 5575

Originally posted by Giovanni De Stefano:
Are you sure you are typing in the right url each time?



Yes.. but i am getting only GMAIL.com my friend ..


:roll:
Seetharaman Venkatasamy
Ranch Hand

Joined: Jan 28, 2008
Posts: 5575

Hi sandeep and Giovanni,

i think it suits our requirment .. how about it?

Servlet:
Amit Ghorpade
Bartender

Joined: Jun 06, 2007
Posts: 2716
    
    6

I think the code above is doing the same thing as Giovanni's only the other way round(with extra code).
It will fail if the user has two different browsers to make the request.
Also I dont understand the reason for sending a 404- page not found when the user is not logged in.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: how to check whether the session is valid or not?