Hi Programmers!! Im using struts 1, and in my struts actions, to redirect to login page after session expires im checking request.getSession(false) == null but each & every time it present... all variables get expires after session timeout, but request.getSession(false) not returning NULL... so if condition fails here. i've wasted much time rather days to find out WHY? can anyone tell me why this happening??? Hurry please... thank you.
You can check the session for the presence of an object, however; a fresh session won't contain your application object (unless it's created by, say, a custom request processor).
Joined: Nov 04, 2008
Hi friend, thank you for reply... In their docs, they have mentioned that request.getSession(false) returns null if it not exists... so, this is a bug??? & what is solution??? Im not getting what you want to say in reply....
The JEE docs say that. The JEE docs also say that a JSP page will create a session if one doesn't exist unless you use the "page" directive and set session="false". The Struts docs say that there are some circumstances under which Struts itself may create a session as well.
For example, see this thread for some of the things that affect session creation.
What *I'm* saying is that it may be easier to check the session for an object that your application puts into it on a login. For example, a user object. If the session has expired, there will no longer be a user object in it. Even if a new session is created by a JSP or the framework, until your application puts a new user object into session, you can tell that it's an invalid session by the lack of the user object.