Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

Redirect user to current page after session expire when the user resumes

 
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,

I have below requirement:
1. Expire user session after 15 min
2. When user resumes, a new session should be created and for end user application should work like session was never expire. Means, he should be allowed to resume to work from same state where he was in application without any errors.

For 1st thing, I have set session timeout in web.xml. For second part, I would like to know this can be handled. Any pointers are highly appreciated.

Thanks,
Rajeev
 
Ranch Hand
Posts: 148
Hibernate Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

Can you elaborate this statement

When user resumes, a new session should be created and for end user application should work like session was never expire.



I am not getting for whom session should expire and for whom not?

Thanks
 
Ranch Hand
Posts: 277
Oracle Spring Flex
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
By resuming the session, you want to authenticate the user again and create the session. If this is the case, how do you think, the user shouldn't know that another session is being created.
Another question, you invalidate the session after 15mins, when you invalidate, the attributes associated with the session will be lost, how do you plan to retain them
 
Ranch Hand
Posts: 317
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I think what the OP means is that once the user logs in again, he should be redirected to the page last being viewed before the session expiry and not the default landing page.

For ex: on JavaRanch, say you are viewing a post and decide to reply. You log in, and once authenticated, JR redirects you to the post that you viewed before.
 
rajeev yadav
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sridhar is right... This is exactly my requirement..
 
Vijay Tidake
Ranch Hand
Posts: 148
Hibernate Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

Then you may go for the spring user security.It will provide you a lot more functionalities along with this one.

Thanks
 
Author and all-around good cowpoke
Posts: 13078
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can certainly use a cookie to record the identity of the "current" page every time you send a response, if that is what you are asking.

Bill
 
rajeev yadav
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Bill,

Cookie has many restrictions and also depends on client side settings. So does not seem to be resolving the issue.

About Spring security integration with wicket, I would like to know how it can be done and also if I can get any helpful documentation on integration.

Thanks,
Rajeev
 
Bartender
Posts: 2856
10
Firefox Browser Fedora Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If the user is logging in from a page which needs to be displayed again then the referrer URL can be used to send him back to the same page.
 
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
A simplest way could be have a comon method lets say isSessionValid() and every action you perform call this method.

inside isSessionValid() verify if the session is invalid/expired then foreward to the login page with the current url as a request parameter for example - http://hostnam:port/context-path/login.do?url="currentURL".

in your login page once the user is authenticated,redirect to the currentURL.


-Sujata.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic