aspose file tools*
The moose likes Websphere and the fly likes Detecting expired sessions Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Websphere
Bookmark "Detecting expired sessions" Watch "Detecting expired sessions" New topic
Author

Detecting expired sessions

Steve McCain
Ranch Hand

Joined: Sep 03, 2001
Posts: 45
Hi,
I can check in my servlet code whether a user currently
has a valid session. If there is not a valid session
is it possible to detect whether the user's session has been timed-out by WAS rather than the user never having had a session?
In some of my servlets I test for a valid seesion & forward
to the login page if necessary, I want to give a nice
message if the user has to login again if the session has timed out.
thanks
Steve McCain
Kyle Brown
author
Ranch Hand

Joined: Aug 10, 2001
Posts: 3892
    
    5
Originally posted by Steve McCain:
Hi,
I can check in my servlet code whether a user currently
has a valid session. If there is not a valid session
is it possible to detect whether the user's session has been timed-out by WAS rather than the user never having had a session?
In some of my servlets I test for a valid seesion & forward
to the login page if necessary, I want to give a nice
message if the user has to login again if the session has timed out.
thanks
Steve McCain

All you have to do to check for a valid session is use
HttpSession mySession = req.getSession(false);
if (mySession == null)
// redirect to login page
else
// do what you normally intended....
There is no way of finding out if a session timed out vs. the user never had one. However, you can be notified asynchronously when a session does time out by adding an object of type HttpSessionBindingListener to the HttpSession when it is created. See the spec for details.
Kyle


------------------
Kyle Brown,
Author of Enterprise Java (tm) Programming with IBM Websphere
See my homepage at http://members.aol.com/kgb1001001 for other WebSphere information.


Kyle Brown, Author of Persistence in the Enterprise and Enterprise Java Programming with IBM Websphere, 2nd Edition
See my homepage at http://www.kyle-brown.com/ for other WebSphere information.
Steve McCain
Ranch Hand

Joined: Sep 03, 2001
Posts: 45
Thankyou Kyle, that confirms what I thought.
I'm not sure if I can do what I need to do by using a HttpSessionBindingListener because when the valueUnbound() is invoked, ie on session expiry, I won't have a servlet context & no request or response to forward to my login page. Am I missing something?
Steve
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Detecting expired sessions