Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

request.getSession(false) Misbehavior...

 
Omkar Kelkar
Greenhorn
Posts: 6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Programmers!!
Im using struts 1,
and in my struts actions, to redirect to login page after session expires
im checking request.getSession(false) == null
but each & every time it present...
all variables get expires after session timeout, but request.getSession(false) not returning NULL...
so if condition fails here.
i've wasted much time rather days to find out WHY?
can anyone tell me why this happening???
Hurry please...
thank you.
 
David Newton
Author
Rancher
Posts: 12617
IntelliJ IDE Ruby
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Struts creates a session if one does not exist.

You can check the session for the presence of an object, however; a fresh session won't contain your application object (unless it's created by, say, a custom request processor).
 
Omkar Kelkar
Greenhorn
Posts: 6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi friend,
thank you for reply...
In their docs, they have mentioned that request.getSession(false) returns null if it not exists...
so, this is a bug???
& what is solution???
Im not getting what you want to say in reply....
 
David Newton
Author
Rancher
Posts: 12617
IntelliJ IDE Ruby
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The JEE docs say that. The JEE docs also say that a JSP page will create a session if one doesn't exist unless you use the "page" directive and set session="false". The Struts docs say that there are some circumstances under which Struts itself may create a session as well.

For example, see this thread for some of the things that affect session creation.

What *I'm* saying is that it may be easier to check the session for an object that your application puts into it on a login. For example, a user object. If the session has expired, there will no longer be a user object in it. Even if a new session is created by a JSP or the framework, until your application puts a new user object into session, you can tell that it's an invalid session by the lack of the user object.
 
Omkar Kelkar
Greenhorn
Posts: 6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you for reply...
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic