Handle Session Expire in JSP

Dear Friends

I am new to JSP. When the session expireses let us take that i am in the xxxx.jsp page when i refresh the page it goes to login page. After success fully login is should go to the xxxx.jsp page tell me how to do that. I am waiting for you replies. It is very urgent please to help me.

with regards
selva

"selva agent", please check your private messages for an important administrative matter.

You may also want to read this with regards to using phrases like "urgent" in your posts.

This is not something that should be handled in a JSP. You should investigate the use of filters for use in authentication.

In the filter, its easy enough to store the original URL information in the session for use later, after a successful log in.

Dear Friend

Thank you for your fast reply Being a novie i could not understand what you have said. Could please expline more elabaratly ro can you give samples which full fills my requirement. I waiting for your reply. It is very URGENT please to help me

with regards
selva

if you use tomcat, the quickest way would be to use j_security_check

it handles the redirection of the last page you visited automatically.

else, you would have to create your own

You can use servlet filter for your purpose. By using it you can get the name of the .jsp(xxxx.jsp) file from which the request come from and then you need to check wheather the user having the session or not if not need to save the name of the page in a db table , once the user login redirect the user to that page (xxxx.jsp).

Do one thing write filter, check for loged in or not if not. save the REFER_URL to session, and take hime to login page, once succussfull login see any REFER_URL in session if there take him to that page

Hi selva, I too don't know how to use j_security_check or filters. But i can help you how to do that without that. You have to do some coding.

Consider this is your xxxx.jsp page.

If the session expires you are redirecting the user to login page. This is good. But after logging in you are redirecting the user to the home page. Try to do like this.

This code will redirect you to your login1.jsp page. Once you enter the user details and submit the form, think that you will be transferred to login2.jsp.
In the login2.jsp you will be checking the user details in the database, if matched you will be redirecting the user to home.jsp page. This time you do like this:

If the page session is null you will be redirected to home.jsp page, otherwise you will be redirected to the previously viewing page.

Have a nice day.

Dear Friends

Thank you for your replies. I have the idea and i have solved my problem

with regards
selva

Hi Selva..

I suggest you that you should use CMS (Container Managed Security)..
if you use Tomcat, you could configure it in Tomcat files configuration..
and then you should configure your web.xml to restrict any URL
and the container (Tomcat) would do :
- force user to fill user name and password (if the user's not yet login) ..
- force user again to fill user name and password (if the user's session expired) ..

Correct me if i'm wrong...
Thanks..

Leonardo Carreira wrote:Hi Selva..

I suggest you that you should use CMS (Container Managed Security)..
if you use Tomcat, you could configure it in Tomcat files configuration..
and then you should configure your web.xml to restrict any URL
and the container (Tomcat) would do :
- force user to fill user name and password (if the user's not yet login) ..
- force user again to fill user name and password (if the user's session expired) ..

Correct me if i'm wrong...
Thanks..

Hi Leonardo, can you please tell me how can I do that.