Re: Invalidating a session using JAVASCRIPT

2006-03-21 Thread vijay venkataraman 

Craig,
Thanks for clarifying.

Vijay

Craig McClanahan wrote:


On 3/21/06, vijay venkataraman <[EMAIL PROTECTED]> wrote:
 


Think the best way is call a sumit and do the clean up at the server.
   




You'll likely want to do this in an "onunload" handler for the 
element.

What if cookies are used for maintaining session? - Then i belive we can
 


destory session at the client side by setting the time expiry on the
cookie. I am not sure though. If cookies are disabled, then session
maintenance happens with the jsessionId, then what happens in that case?
   




If the handler your submit invokes calls session.invalidate(), then it will
not matter whether cookies or URL rewriting are used to maintain the session
state.  It will be removed from the server at that point, so any attempt to
come in later will fail.


 


In that case i think the user can later, type in the URL with the
jsession id and access the page and he could get back to the session, if
it has not expired.
Can anyone clarify?
   




That is why you will want to explicitly invalidate the session.

Thanks,
 


Vijay
   




Craig

 




--DISCLAIMER--
This message is for the named person's use only. It may contain 
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission. 

If you receive this message in error, please immediately delete it and 
all copies of it from your system, destroy any hard copies of it and 
notify the sender. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the 
intended recipient. 

Lisle Technology Partners Pvt. Ltd. and any of its subsidiaries each 
reserve the right to monitor all e-mail communications through its 
networks. 

Any views expressed in this message are those of the 
individual sender, except where the message states otherwise and the 
sender is authorized to state them to be the views of any such entity.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Invalidating a session using JAVASCRIPT

2006-03-21 Thread Craig McClanahan 
On 3/21/06, vijay venkataraman <[EMAIL PROTECTED]> wrote:
>
> Think the best way is call a sumit and do the clean up at the server.


You'll likely want to do this in an "onunload" handler for the 
element.

What if cookies are used for maintaining session? - Then i belive we can
> destory session at the client side by setting the time expiry on the
> cookie. I am not sure though. If cookies are disabled, then session
> maintenance happens with the jsessionId, then what happens in that case?


If the handler your submit invokes calls session.invalidate(), then it will
not matter whether cookies or URL rewriting are used to maintain the session
state.  It will be removed from the server at that point, so any attempt to
come in later will fail.


> In that case i think the user can later, type in the URL with the
> jsession id and access the page and he could get back to the session, if
> it has not expired.
> Can anyone clarify?


That is why you will want to explicitly invalidate the session.

Thanks,
> Vijay


Craig

Re: Invalidating a session using JAVASCRIPT

2006-03-21 Thread vijay venkataraman 

Think the best way is call a sumit and do the clean up at the server.
What if cookies are used for maintaining session? - Then i belive we can 
destory session at the client side by setting the time expiry on the 
cookie. I am not sure though. If cookies are disabled, then session 
maintenance happens with the jsessionId, then what happens in that case? 
In that case i think the user can later, type in the URL with the 
jsession id and access the page and he could get back to the session, if 
it has not expired.

Can anyone clarify?

Thanks,
Vijay

[EMAIL PROTECTED] wrote:

Use 


...


 function callAMethod(){
submit to server(may be a servlet);
 }


I have not tested this by summiting to a servlet.But, I am sure
onUnload() works when you click on browser 'X;

Chandra

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

Sent: Tuesday, March 21, 2006 4:08 PM
To: Struts Users Mailing List
Subject: Re: Invalidating a session using JAVASCRIPT

Hi Sahil,
   I believe this can be done by implementing the
HttpSessionBindingListenerInterface.The HttpSessionBindingListener
interface is implemented by the classes whose objects need to receive
notifications whenever they are added to or removed from a session. We
do not have to inform the container about such objects explicitly via
the deployment descriptor. Whenever an object is added to or removed
from any session, the container introspects the interfaces implemented
by that object. If the object implements the HttpSessionBindingListener
interface, the container calls the corresponding notification methods

Rajasekhar Cherukuri
Tata Consultancy Services Limited
Air-India Building 11th Floor,
Nariman Point ,
Mumbai - 400 021,Maharashtra
India
Mailto: [EMAIL PROTECTED]
Website: http://www.tcs.com




"Sahil Gupta" <[EMAIL PROTECTED]>
03/21/2006 04:08 PM
Please respond to
"Struts Users Mailing List" 


To

cc

Subject
Invalidating a session using JAVASCRIPT






Hi,

Can anyone tell me how to  logout a user (invalidate his Session) when a
user directly closes his browser window. 


Thanks.

Regards,

Sahil Gupta

Extn : 233
Email : [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
**
NetEdge Computing Global Solutions Private Limited. 
A-14, Sector-7, NOIDA U.P. 201-301
Tel #  91-120-2423281, 2423282 
Fax #  91-120-2423279 
URL  http//www.netedgecomputing.com 
**

This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose or take any action based on
this message or any information herein. If you have received this
message in error, please advise the sender immediately by reply e-mail
and delete this message. Thank you for your cooperation. 



ForwardSourceID:NT0001060A 



Notice: The information contained in this e-mail message and/or
attachments to it may contain confidential or privileged information. If
you are not the intended recipient, any dissemination, use, review,
distribution, printing or copying of the information contained in this
e-mail message and/or attachments to it are strictly prohibited. If you
have received this communication in error, please notify us by reply
e-mail or telephone and immediately and permanently delete the message
and any attachments. Thank you

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

 




--DISCLAIMER--
This message is for the named person's use only. It may contain 
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission. 

If you receive this message in error, please immediately delete it and 
all copies of it from your system, destroy any hard copies of it and 
notify the sender. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the 
intended recipient. 

Lisle Technology Partners Pvt. Ltd. and any of its subsidiaries each 
reserve the right to monitor all e-mail communications through its 
networks. 

Any views expressed in this message are those of the 
individual sender, except where the message states otherwise and the 
sender is authorized to state them to be the views of any such entity.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Invalidating a session using JAVASCRIPT

2006-03-21 Thread Sahil Gupta 
 
Ya that's right. I want to invalidate the session when the window closes
without performing a logout.

Regards,

Sahil Gupta

Extn : 233
Email : [EMAIL PROTECTED] 
**
NetEdge Computing Global Solutions Private Limited. 
A-14, Sector-7, NOIDA U.P. 201-301
Tel #  91-120-2423281, 2423282 
Fax #  91-120-2423279 
URL  http//www.netedgecomputing.com 
**
 

-Original Message-
From: Kalra, Ashwani [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, March 21, 2006 4:21 PM
To: Struts Users Mailing List
Subject: RE: Invalidating a session using JAVASCRIPT


I think he doesn't want to catch those events. He wants to invalidate
session on clicking window's close button.

/Ashwani

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

Sent: Tuesday, March 21, 2006 4:08 PM
To: Struts Users Mailing List
Subject: Re: Invalidating a session using JAVASCRIPT

Hi Sahil,
I believe this can be done by implementing the
HttpSessionBindingListenerInterface.The HttpSessionBindingListener interface
is implemented by the classes whose objects need to receive notifications
whenever they are added to or removed from a session. We do not have to
inform the container about such objects explicitly via the deployment
descriptor. Whenever an object is added to or removed from any session, the
container introspects the interfaces implemented by that object. If the
object implements the HttpSessionBindingListener interface, the container
calls the corresponding notification methods

Rajasekhar Cherukuri
Tata Consultancy Services Limited
Air-India Building 11th Floor,
Nariman Point ,
Mumbai - 400 021,Maharashtra
India
Mailto: [EMAIL PROTECTED]
Website: http://www.tcs.com




"Sahil Gupta" <[EMAIL PROTECTED]>
03/21/2006 04:08 PM
Please respond to
"Struts Users Mailing List" 


To

cc

Subject
Invalidating a session using JAVASCRIPT






Hi,
 Can anyone tell me how to  logout a user (invalidate his Session) when a
user directly closes his browser window.  Thanks.

Regards,

Sahil Gupta

Extn : 233
Email : [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
**
NetEdge Computing Global Solutions Private Limited. A-14, Sector-7, NOIDA
U.P. 201-301 Tel #  91-120-2423281, 2423282 Fax #  91-120-2423279 URL
http//www.netedgecomputing.com
**
This message may contain confidential and/or privileged information. If you
are not the addressee or authorized to receive this for the addressee, you
must not use, copy, disclose or take any action based on this message or any
information herein. If you have received this message in error, please
advise the sender immediately by reply e-mail and delete this message. Thank
you for your cooperation.  
ForwardSourceID:NT0001060A 

Notice: The information contained in this e-mail message and/or attachments
to it may contain confidential or privileged information. If you are not the
intended recipient, any dissemination, use, review, distribution, printing
or copying of the information contained in this e-mail message and/or
attachments to it are strictly prohibited. If you have received this
communication in error, please notify us by reply e-mail or telephone and
immediately and permanently delete the message and any attachments. Thank
you


This message contains information that may be privileged or confidential and
is the property of the Capgemini Group. It is intended only for the person
to whom it is addressed. If you are not the intended recipient,  you are not
authorized to read, print, retain, copy, disseminate,  distribute, or use
this message or any part thereof. If you receive this  message in error,
please notify the sender immediately and delete all  copies of this message.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Invalidating a session using JAVASCRIPT

2006-03-21 Thread Chandra.Ravinithala 
Use 

...


  function callAMethod(){
submit to server(may be a servlet);
  }


I have not tested this by summiting to a servlet.But, I am sure
onUnload() works when you click on browser 'X;

Chandra

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

Sent: Tuesday, March 21, 2006 4:08 PM
To: Struts Users Mailing List
Subject: Re: Invalidating a session using JAVASCRIPT

Hi Sahil,
I believe this can be done by implementing the
HttpSessionBindingListenerInterface.The HttpSessionBindingListener
interface is implemented by the classes whose objects need to receive
notifications whenever they are added to or removed from a session. We
do not have to inform the container about such objects explicitly via
the deployment descriptor. Whenever an object is added to or removed
from any session, the container introspects the interfaces implemented
by that object. If the object implements the HttpSessionBindingListener
interface, the container calls the corresponding notification methods

Rajasekhar Cherukuri
Tata Consultancy Services Limited
Air-India Building 11th Floor,
Nariman Point ,
Mumbai - 400 021,Maharashtra
India
Mailto: [EMAIL PROTECTED]
Website: http://www.tcs.com




"Sahil Gupta" <[EMAIL PROTECTED]>
03/21/2006 04:08 PM
Please respond to
"Struts Users Mailing List" 


To

cc

Subject
Invalidating a session using JAVASCRIPT






Hi,
 
Can anyone tell me how to  logout a user (invalidate his Session) when a
user directly closes his browser window. 
 
Thanks.

Regards,

Sahil Gupta

Extn : 233
Email : [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
**
NetEdge Computing Global Solutions Private Limited. 
A-14, Sector-7, NOIDA U.P. 201-301
Tel #  91-120-2423281, 2423282 
Fax #  91-120-2423279 
URL  http//www.netedgecomputing.com 
**
This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose or take any action based on
this message or any information herein. If you have received this
message in error, please advise the sender immediately by reply e-mail
and delete this message. Thank you for your cooperation. 
 

ForwardSourceID:NT0001060A 


Notice: The information contained in this e-mail message and/or
attachments to it may contain confidential or privileged information. If
you are not the intended recipient, any dissemination, use, review,
distribution, printing or copying of the information contained in this
e-mail message and/or attachments to it are strictly prohibited. If you
have received this communication in error, please notify us by reply
e-mail or telephone and immediately and permanently delete the message
and any attachments. Thank you

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Invalidating a session using JAVASCRIPT

2006-03-21 Thread Kalra, Ashwani 

I think he doesn't want to catch those events. He wants to invalidate
session on clicking window's close button.

/Ashwani

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

Sent: Tuesday, March 21, 2006 4:08 PM
To: Struts Users Mailing List
Subject: Re: Invalidating a session using JAVASCRIPT

Hi Sahil,
I believe this can be done by implementing the
HttpSessionBindingListenerInterface.The HttpSessionBindingListener
interface is implemented by the classes whose objects need to receive
notifications whenever they are added to or removed from a session. We
do not have to inform the container about such objects explicitly via
the deployment descriptor. Whenever an object is added to or removed
from any session, the container introspects the interfaces implemented
by that object. If the object implements the HttpSessionBindingListener
interface, the container calls the corresponding notification methods

Rajasekhar Cherukuri
Tata Consultancy Services Limited
Air-India Building 11th Floor,
Nariman Point ,
Mumbai - 400 021,Maharashtra
India
Mailto: [EMAIL PROTECTED]
Website: http://www.tcs.com




"Sahil Gupta" <[EMAIL PROTECTED]>
03/21/2006 04:08 PM
Please respond to
"Struts Users Mailing List" 


To

cc

Subject
Invalidating a session using JAVASCRIPT






Hi,

Can anyone tell me how to  logout a user (invalidate his Session) when a
user directly closes his browser window.

Thanks.

Regards,

Sahil Gupta

Extn : 233
Email : [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
**
NetEdge Computing Global Solutions Private Limited.
A-14, Sector-7, NOIDA U.P. 201-301
Tel #  91-120-2423281, 2423282
Fax #  91-120-2423279
URL  http//www.netedgecomputing.com
**
This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose or take any action based on
this message or any information herein. If you have received this
message in error, please advise the sender immediately by reply e-mail
and delete this message. Thank you for your cooperation.


ForwardSourceID:NT0001060A


Notice: The information contained in this e-mail message and/or
attachments to it may contain confidential or privileged information. If
you are not the intended recipient, any dissemination, use, review,
distribution, printing or copying of the information contained in this
e-mail message and/or attachments to it are strictly prohibited. If you
have received this communication in error, please notify us by reply
e-mail or telephone and immediately and permanently delete the message
and any attachments. Thank you


This message contains information that may be privileged or confidential and is 
the property of the Capgemini Group. It is intended only for the person to whom 
it is addressed. If you are not the intended recipient,  you are not authorized 
to read, print, retain, copy, disseminate,  distribute, or use this message or 
any part thereof. If you receive this  message in error, please notify the 
sender immediately and delete all  copies of this message.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Invalidating a session using JAVASCRIPT

2006-03-21 Thread rajasekhar . cherukuri 
Hi Sahil,
I believe this can be done by implementing the 
HttpSessionBindingListenerInterface.The HttpSessionBindingListener 
interface is implemented by the classes whose objects need to receive 
notifications whenever they are added to or removed from a session. We do 
not have to inform the container about such objects explicitly via the 
deployment descriptor. Whenever an object is added to or removed from any 
session, the container introspects the interfaces implemented by that 
object. If the object implements the HttpSessionBindingListener interface, 
the container calls the corresponding notification methods

Rajasekhar Cherukuri
Tata Consultancy Services Limited
Air-India Building 11th Floor,
Nariman Point ,
Mumbai - 400 021,Maharashtra
India
Mailto: [EMAIL PROTECTED]
Website: http://www.tcs.com




"Sahil Gupta" <[EMAIL PROTECTED]> 
03/21/2006 04:08 PM
Please respond to
"Struts Users Mailing List" 


To

cc

Subject
Invalidating a session using JAVASCRIPT






Hi,
 
Can anyone tell me how to  logout a user (invalidate his Session) when a
user directly closes his browser window. 
 
Thanks.

Regards,

Sahil Gupta

Extn : 233
Email : [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
**
NetEdge Computing Global Solutions Private Limited. 
A-14, Sector-7, NOIDA U.P. 201-301
Tel #  91-120-2423281, 2423282 
Fax #  91-120-2423279 
URL  http//www.netedgecomputing.com 
**
This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose or take any action based on
this message or any information herein. If you have received this
message in error, please advise the sender immediately by reply e-mail
and delete this message. Thank you for your cooperation. 
 

ForwardSourceID:NT0001060A 


Notice: The information contained in this e-mail message and/or attachments to 
it may contain confidential or privileged information. If you are not the 
intended recipient, any dissemination, use, review, distribution, printing or 
copying of the information contained in this e-mail message and/or attachments 
to it are strictly prohibited. If you have received this communication in 
error, please notify us by reply e-mail or telephone and immediately and 
permanently delete the message and any attachments. Thank you

Invalidating a session using JAVASCRIPT

2006-03-21 Thread Sahil Gupta 
Hi,
 
Can anyone tell me how to  logout a user (invalidate his Session) when a
user directly closes his browser window. 
 
Thanks.

Regards,

Sahil Gupta

Extn : 233
Email : [EMAIL PROTECTED]   
**
NetEdge Computing Global Solutions Private Limited. 
A-14, Sector-7, NOIDA U.P. 201-301
Tel #  91-120-2423281, 2423282 
Fax #  91-120-2423279 
URL  http//www.netedgecomputing.com 
**
This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose or take any action based on
this message or any information herein. If you have received this
message in error, please advise the sender immediately by reply e-mail
and delete this message. Thank you for your cooperation.