Also if you are using a Servlet2.3/JSP 1.2 container (e.g. tomcat 4) (not
sure about earlier versions) you can register listener(s) that will listen
for all the session timeouts in the system or write an object into the
session that implements HttpSessionAttributeListener which will be notified
when it is unbound (e.g. when the session object is about to be destroyed)
Luke
-Original Message-
From: Sean Owen [mailto:[EMAIL PROTECTED]]
Sent: 03 January 2002 14:57
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Session Timeout question
A new session is created before your JSP is serviced, so I think that's why
you're always getting a session object there.
session.isNew() is an indirect but pretty good way of knowing when a session
has just been created, and thus could be because the old session timed out.
You can also put some kind of token into the session and look for that; if
it's not there then you know it's a new sesssion and the old one must have
timed out.
Sean
--- TODD HARNEY [EMAIL PROTECTED] wrote:
How can one accurately detect that a session has timedout? I have a custom
tag that is automatically included on every jsp page we have. Its job is
to
detect whether a session has timedout and if it has, to redirect the user
to a different page to relogin or whatever. I think it is the case that
when I call request.getSession(false) it is still creating a new session
if
the old one has expired. Any thoughts on how to approach this issue? I
don't have access to the name of a login token for example because our
sign-on functionality is just a drop in without the source code.
Thanks,
Todd
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]
__
Do You Yahoo!?
Send your FREE holiday greetings online!
http://greetings.yahoo.com
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
