RE: session tracking in struts
That did the trick. I was using everywhere but had some links that were not using . I changed to use link and I can see the jsessionid appended when I view source. Thanks! > Date: Thu, 21 Feb 2008 20:42:56 +0100> From: [EMAIL PROTECTED]> To: > user@struts.apache.org> Subject: Re: session tracking in struts> > 2008/2/21, > Andy Hahn <[EMAIL PROTECTED]>:> > I haven't seen many Struts1 questions since > I have joined so hopefully this is the right place to be asking.> > Yes it is > :-)> > > I am using Struts/Tomcat5.5 and I am using the pattern for session > management where I have a BaseAction class with executeAction(). I can't > remember the pattern name but hopefully you know what I'm referring to.> > > Err... I don't know it :-(> > > So this works great when cookies are enabled > on a browser but when I disable cookies the session is no longer kept > around.> >> > Maybe this is a struts setting or maybe a tomcat setting. From > all I have read, it sounds like url rewriting should automatically happen but > it isn't. Any ideas?> > Just a shot in the dark: do you use *always" > and> tags? If not, URL rewriting won't happen.> > > Antonio> > > -> To > unsubscribe, e-mail: [EMAIL PROTECTED]> For additional commands, e-mail: > [EMAIL PROTECTED]> _ Need to know the score, the latest news, or you need your HotmailĀ®-get your "fix". http://www.msnmobilefix.com/Default.aspx
Re: session tracking in struts
2008/2/21, Andy Hahn <[EMAIL PROTECTED]>: > I haven't seen many Struts1 questions since I have joined so hopefully this > is the right place to be asking. Yes it is :-) > I am using Struts/Tomcat5.5 and I am using the pattern for session > management where I have a BaseAction class with executeAction(). I can't > remember the pattern name but hopefully you know what I'm referring to. Err... I don't know it :-( > So this works great when cookies are enabled on a browser but when I disable > cookies the session is no longer kept around. > > Maybe this is a struts setting or maybe a tomcat setting. From all I have > read, it sounds like url rewriting should automatically happen but it isn't. > Any ideas? Just a shot in the dark: do you use *always" and tags? If not, URL rewriting won't happen. Antonio - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session tracking in struts?
To answer your question: 1) create a filter that does your tests for a "valid" session but only check it if the "isNewSession" flag in a session is not set. When you find a bad session, call session.invalidate() and forward to an for the login page. You should add redirect="true" to the action-forward so that the browser will load the login page as if they were coming in the first time. If you need to have the sessionExpire page you can have it display and either embed a button that will bring user to the login page or have a meta redirect tag that redirects them after x seconds. The real question is, why are you going to re-check authentication every time they go in, is there anything more you need to check for it to be a "valid" session? Remember that a given browser's requests will always go to the same session; so once they are validated, you can set a flag in the session that they have been validated and don't worry about re-authentication. -ed On 10/28/06, Mallik <[EMAIL PROTECTED]> wrote: HI friends In my application i want to test session valid or not before affaring any service to the user. that means, once the user logon, i will maintain a session and for any request thenafter upto logout i need to test that session is valid, otherwise i need to display sessionExpire page and requires relogin. please let me know that how to do it? ur's Mallik -- View this message in context: http://www.nabble.com/Session-tracking-in-struts--tf2527634.html#a7045712 Sent from the Struts - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session tracking correct approach
Hi Prerna,
If i am not wrong , this is not session tracking.
it is session validation.
1) this has a problem,
It unnecessarily creates a session.
2)think it works but using browser back button might fail
3) think it works but using browser back button might fail
4)Using filters (Cookies) - filters are not cookies.
it is just like a controller svlt.
please correct me if i am wrong
Regards
PH
On 7/31/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Hi All,
I would like to know which is the best approach for session tracking in
struts among the following
1) Writing your own ActionServlet class which will have the
following code
public class MyActionServlet extends ActionServlet{
/* (non-Javadoc)
* @see
org.apache.struts.action.ActionServlet#doGet(javax.servlet.http.HttpServ
letRequest, javax.servlet.http.HttpServletResponse)
*/
public void doGet(HttpServletRequest request,
HttpServletResponse response) throws IOException, ServletException {
System.out.println(" Inside doGet Method of
MyActionServlet");
String id = request.getRequestedSessionId();
System.out.println(" The REQUEST SESSION ID IS
::"+id);
HttpSession session=request.getSession(true);
System.out.println(" Value of the new SESSION
OBJECT IS :;"+session.getId());
System.out.println(" Is it a new session object
? :;"+session.isNew());
if (!(id.matches(session.getId(
{
System.out.println("");
System.out.println("*SESSION TIME
OUT");
System.out.println("");
}
super.doGet(request,response);
}
2) Writing a base action and checking for session expiry in
that class
public class DisplayProfileAction extends Action
{
public ActionForward execute(ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response) throws IOException,
ServletException
{
HttpSession session= HttpSession
session=request.getSession(true);
Boolean valid=session.getParameter("VALID");
if (valid == null)
{
System.out.println("");
System.out.println("*SESSION TIME
OUT");
System.out.println("");
}
}
}
3) Or using the following code. Any suggestion as to where should
this code be placed. In your own action servlet class or in BaseAction
class
if (!request.isRequestedSessionIdValid())
{
System.out.println("");
System.out.println("*SESSION TIME OUT");
System.out.println("");
}
4) Using filters (Cookies) to track session timeout which by using
filters will the performance of the system not get affected?
Thanks & Regards
Prerna
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s) and
may contain proprietary, confidential or privileged information. If you are
not the intended recipient, you should not disseminate, distribute or copy
this e-mail. Please notify the sender immediately and destroy all copies of
this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses. The
company accepts no liability for any damage caused by any virus transmitted
by this email.
www.wipro.com
Re: Session Tracking
Hi,
I ma not good at struts , but it seems u dont have to write a filter class
or a listener calss for this.
there is an api support for this.
request.isResuistedSessionIDValid() or similar to this.
u can check this action in your common contrler svlt or even in a filter.
hope this helps
PH
On 7/29/06, Laurie Harper <[EMAIL PROTECTED]> wrote:
You only need to do that if you need to take some action on session
expiry; the servlet container will take care of calling
session.invalidate() for you automatically.
L.
Patil, Sheetal wrote:
> Create an listener and configure it in your web.xml
>
>
> org.Application.SessionCounterListener
>
>
> public class SessionCounterListener implements HttpSessionListener
> {
> /**
> * this method is automcatically called when a session is created
> with the site
> */
> public void sessionCreated( HttpSessionEvent httpSessionEvent )
> {
> }
>
> /**
> * this method is called when a session is destroyed
> */
> public void sessionDestroyed( HttpSessionEvent httpSessionEvent )
> {
> }
> }
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Friday, July 28, 2006 4:02 PM
> To: user@struts.apache.org
> Subject: RE: Session Tracking
>
>
> Hi All,
>
> What code do I explicit need to write to be able to call
> session.invalidate() when the session timeout happens ?
>
> For eg
>
> 1) I have opened a window
>
> 2) Timeout is set to 5 mins.
> 3) There is no activity on the browser for 5 mins
>
> How will my application get to know that I need to call
> session.invalidate() for this session?
>
> Do I need to write listener classes? Can anyone post a code snippet?
>
> Thanks
> Prerna
>
>
> -Original Message-
> From: Patil, Sheetal [mailto:[EMAIL PROTECTED]
>
> Sent: Friday, July 28, 2006 11:28 AM
> To: Struts Users Mailing List
> Subject: RE: Session Tracking
>
> As I know session timeout value is used, if for that perticular time if
> user is inactive then distroy the session.
> And as close window dosen't contact with server you can't track it
> (preferably use session timeout) or
>
> use ajax and send distroy request to server on pageclose event if
> possible
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
>
> Sent: Friday, July 28, 2006 11:11 AM
> To: user@struts.apache.org
> Subject: Session Tracking
>
>
> H All,
>
>
>
>
> I am using struts framework and tomcat as the webserver. I want to
> implement session tracking and explicitly expire the session after a
> fixed period of inactivity.
>
>
>
>
> So the session needs to expire in the following scenarios
>
>
>
>
> 1) User clicks on Logout on JSP page ( Can this be achieved by
> explicitly doing session.invalidate() ?)
>
> 2) User clicks on the close button on window
>
> 3) The session is inactive for lets say 5 mins
>
> 4) The session timeout ( depending on the value set in web.xml)
>
>
>
>
> Can you tell me the best design approach to handle this? Should I take
> care of all in a class which extends ActionServlet?
>
>
>
>
> Regards
>
> Prerna
>
>
>
>
> The information contained in this electronic message and any attachments
> to this message are intended for the exclusive use of the addressee(s)
> and may contain proprietary, confidential or privileged information. If
> you are not the intended recipient, you should not disseminate,
> distribute or copy this e-mail. Please notify the sender immediately and
> destroy all copies of this message and any attachments.
>
>
> WARNING: Computer viruses can be transmitted via email. The recipient
> should check this email and any attachments for the presence of viruses.
> The company accepts no liability for any damage caused by any virus
> transmitted by this email.
>
>
> www.wipro.com
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> The information contained in this electronic message and any attachments
> to this message are intended for the exclusive use of the addressee(s)
> and may contain proprietary, confidential or privileged information. If
> you are not the intended recipient, you should not disseminate,
> distribute or copy this e-mail. Please notify the sender immediately and
> destroy all copies of this message and any attachments.
>
>
> WARNING: Computer viruses can be transmitted via email. The recipient
> sh
Re: Session Tracking
Yes, you'd want to have an up-front check for expired sessions on each
request. There are various ways to achieve that; you could have a base
action which does the check, use a filter, or customize the Struts
request procession life-cycle (using a custom request processor
implementation or modified chain config, depending on what version of
Struts you're targeting).
L.
Givler, Eric wrote:
Do you generally put any session related expiry code in a base action class so you can forward prior to calling your execute() method in the action if the session is no longer "active"?
That is, I really wouldn't want any of the action class code running, and
currently the application I'm working on was Model 1 which routed to a
Logout.jsp when the session information was missing. I'm in the process of
rewriting it. Since the action is firing before the JSP, I can see where it
might execute something and not get trapped until it hits the JSP. [Like save
a record w/o putting in the user's information which was maintained in the
session and now we don't know who changed the record.]
Am I missing the boat here? (this if my first Struts project)
-Original Message-
From: news [mailto:[EMAIL PROTECTED] Behalf Of Laurie Harper
Sent: Friday, July 28, 2006 3:40 PM
To: user@struts.apache.org
Subject: Re: Session Tracking
Importance: High
You only need to do that if you need to take some action on session
expiry; the servlet container will take care of calling
session.invalidate() for you automatically.
L.
Patil, Sheetal wrote:
Create an listener and configure it in your web.xml
org.Application.SessionCounterListener
public class SessionCounterListener implements HttpSessionListener
{
/**
* this method is automcatically called when a session is created
with the site
*/
public void sessionCreated( HttpSessionEvent httpSessionEvent )
{
}
/**
* this method is called when a session is destroyed
*/
public void sessionDestroyed( HttpSessionEvent httpSessionEvent )
{
}
}
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 4:02 PM
To: user@struts.apache.org
Subject: RE: Session Tracking
Hi All,
What code do I explicit need to write to be able to call
session.invalidate() when the session timeout happens ?
For eg
1) I have opened a window
2) Timeout is set to 5 mins.
3) There is no activity on the browser for 5 mins
How will my application get to know that I need to call
session.invalidate() for this session?
Do I need to write listener classes? Can anyone post a code snippet?
Thanks
Prerna
-Original Message-
From: Patil, Sheetal [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 11:28 AM
To: Struts Users Mailing List
Subject: RE: Session Tracking
As I know session timeout value is used, if for that perticular time if
user is inactive then distroy the session.
And as close window dosen't contact with server you can't track it
(preferably use session timeout) or
use ajax and send distroy request to server on pageclose event if
possible
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 11:11 AM
To: user@struts.apache.org
Subject: Session Tracking
H All,
I am using struts framework and tomcat as the webserver. I want to
implement session tracking and explicitly expire the session after a
fixed period of inactivity.
So the session needs to expire in the following scenarios
1) User clicks on Logout on JSP page ( Can this be achieved by
explicitly doing session.invalidate() ?)
2) User clicks on the close button on window
3) The session is inactive for lets say 5 mins
4) The session timeout ( depending on the value set in web.xml)
Can you tell me the best design approach to handle this? Should I take
care of all in a class which extends ActionServlet?
Regards
Prerna
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
The information contained in this electronic message and any attachments
to this message are intended fo
RE: Re: Session Tracking
Do you generally put any session related expiry code in a base action class so
you can forward prior to calling your execute() method in the action if the
session is no longer "active"?
That is, I really wouldn't want any of the action class code running, and
currently the application I'm working on was Model 1 which routed to a
Logout.jsp when the session information was missing. I'm in the process of
rewriting it. Since the action is firing before the JSP, I can see where it
might execute something and not get trapped until it hits the JSP. [Like save
a record w/o putting in the user's information which was maintained in the
session and now we don't know who changed the record.]
Am I missing the boat here? (this if my first Struts project)
-Original Message-
From: news [mailto:[EMAIL PROTECTED] Behalf Of Laurie Harper
Sent: Friday, July 28, 2006 3:40 PM
To: user@struts.apache.org
Subject: Re: Session Tracking
Importance: High
You only need to do that if you need to take some action on session
expiry; the servlet container will take care of calling
session.invalidate() for you automatically.
L.
Patil, Sheetal wrote:
> Create an listener and configure it in your web.xml
>
>
> org.Application.SessionCounterListener
>
>
> public class SessionCounterListener implements HttpSessionListener
> {
> /**
> * this method is automcatically called when a session is created
> with the site
> */
> public void sessionCreated( HttpSessionEvent httpSessionEvent )
> {
> }
>
> /**
> * this method is called when a session is destroyed
> */
> public void sessionDestroyed( HttpSessionEvent httpSessionEvent )
> {
> }
> }
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Friday, July 28, 2006 4:02 PM
> To: user@struts.apache.org
> Subject: RE: Session Tracking
>
>
> Hi All,
>
> What code do I explicit need to write to be able to call
> session.invalidate() when the session timeout happens ?
>
> For eg
>
> 1) I have opened a window
>
> 2) Timeout is set to 5 mins.
> 3) There is no activity on the browser for 5 mins
>
> How will my application get to know that I need to call
> session.invalidate() for this session?
>
> Do I need to write listener classes? Can anyone post a code snippet?
>
> Thanks
> Prerna
>
>
> -Original Message-
> From: Patil, Sheetal [mailto:[EMAIL PROTECTED]
>
> Sent: Friday, July 28, 2006 11:28 AM
> To: Struts Users Mailing List
> Subject: RE: Session Tracking
>
> As I know session timeout value is used, if for that perticular time if
> user is inactive then distroy the session.
> And as close window dosen't contact with server you can't track it
> (preferably use session timeout) or
>
> use ajax and send distroy request to server on pageclose event if
> possible
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
>
> Sent: Friday, July 28, 2006 11:11 AM
> To: user@struts.apache.org
> Subject: Session Tracking
>
>
> H All,
>
>
>
>
> I am using struts framework and tomcat as the webserver. I want to
> implement session tracking and explicitly expire the session after a
> fixed period of inactivity.
>
>
>
>
> So the session needs to expire in the following scenarios
>
>
>
>
> 1) User clicks on Logout on JSP page ( Can this be achieved by
> explicitly doing session.invalidate() ?)
>
> 2) User clicks on the close button on window
>
> 3) The session is inactive for lets say 5 mins
>
> 4) The session timeout ( depending on the value set in web.xml)
>
>
>
>
> Can you tell me the best design approach to handle this? Should I take
> care of all in a class which extends ActionServlet?
>
>
>
>
> Regards
>
> Prerna
>
>
>
>
> The information contained in this electronic message and any attachments
> to this message are intended for the exclusive use of the addressee(s)
> and may contain proprietary, confidential or privileged information. If
> you are not the intended recipient, you should not disseminate,
> distribute or copy this e-mail. Please notify the sender immediately and
> destroy all copies of this message and any attachments.
>
>
> WARNING: Computer viruses can be transmitted via email. The recipient
> should check this email and any attachments for the presence of viruses.
> The company accepts no liability for any damage caused by any virus
> transmitted by this email.
>
>
> www.wipro.com
>
> ---
Re: Session Tracking
You only need to do that if you need to take some action on session
expiry; the servlet container will take care of calling
session.invalidate() for you automatically.
L.
Patil, Sheetal wrote:
Create an listener and configure it in your web.xml
org.Application.SessionCounterListener
public class SessionCounterListener implements HttpSessionListener
{
/**
* this method is automcatically called when a session is created
with the site
*/
public void sessionCreated( HttpSessionEvent httpSessionEvent )
{
}
/**
* this method is called when a session is destroyed
*/
public void sessionDestroyed( HttpSessionEvent httpSessionEvent )
{
}
}
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 4:02 PM
To: user@struts.apache.org
Subject: RE: Session Tracking
Hi All,
What code do I explicit need to write to be able to call
session.invalidate() when the session timeout happens ?
For eg
1) I have opened a window
2) Timeout is set to 5 mins.
3) There is no activity on the browser for 5 mins
How will my application get to know that I need to call
session.invalidate() for this session?
Do I need to write listener classes? Can anyone post a code snippet?
Thanks
Prerna
-Original Message-
From: Patil, Sheetal [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 11:28 AM
To: Struts Users Mailing List
Subject: RE: Session Tracking
As I know session timeout value is used, if for that perticular time if
user is inactive then distroy the session.
And as close window dosen't contact with server you can't track it
(preferably use session timeout) or
use ajax and send distroy request to server on pageclose event if
possible
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 11:11 AM
To: user@struts.apache.org
Subject: Session Tracking
H All,
I am using struts framework and tomcat as the webserver. I want to
implement session tracking and explicitly expire the session after a
fixed period of inactivity.
So the session needs to expire in the following scenarios
1) User clicks on Logout on JSP page ( Can this be achieved by
explicitly doing session.invalidate() ?)
2) User clicks on the close button on window
3) The session is inactive for lets say 5 mins
4) The session timeout ( depending on the value set in web.xml)
Can you tell me the best design approach to handle this? Should I take
care of all in a class which extends ActionServlet?
Regards
Prerna
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Session Tracking
Create an listener and configure it in your web.xml
org.Application.SessionCounterListener
public class SessionCounterListener implements HttpSessionListener
{
/**
* this method is automcatically called when a session is created
with the site
*/
public void sessionCreated( HttpSessionEvent httpSessionEvent )
{
}
/**
* this method is called when a session is destroyed
*/
public void sessionDestroyed( HttpSessionEvent httpSessionEvent )
{
}
}
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 4:02 PM
To: user@struts.apache.org
Subject: RE: Session Tracking
Hi All,
What code do I explicit need to write to be able to call
session.invalidate() when the session timeout happens ?
For eg
1) I have opened a window
2) Timeout is set to 5 mins.
3) There is no activity on the browser for 5 mins
How will my application get to know that I need to call
session.invalidate() for this session?
Do I need to write listener classes? Can anyone post a code snippet?
Thanks
Prerna
-Original Message-
From: Patil, Sheetal [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 11:28 AM
To: Struts Users Mailing List
Subject: RE: Session Tracking
As I know session timeout value is used, if for that perticular time if
user is inactive then distroy the session.
And as close window dosen't contact with server you can't track it
(preferably use session timeout) or
use ajax and send distroy request to server on pageclose event if
possible
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 11:11 AM
To: user@struts.apache.org
Subject: Session Tracking
H All,
I am using struts framework and tomcat as the webserver. I want to
implement session tracking and explicitly expire the session after a
fixed period of inactivity.
So the session needs to expire in the following scenarios
1) User clicks on Logout on JSP page ( Can this be achieved by
explicitly doing session.invalidate() ?)
2) User clicks on the close button on window
3) The session is inactive for lets say 5 mins
4) The session timeout ( depending on the value set in web.xml)
Can you tell me the best design approach to handle this? Should I take
care of all in a class which extends ActionServlet?
Regards
Prerna
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Session Tracking
Hi All, What code do I explicit need to write to be able to call session.invalidate() when the session timeout happens ? For eg 1) I have opened a window 2) Timeout is set to 5 mins. 3) There is no activity on the browser for 5 mins How will my application get to know that I need to call session.invalidate() for this session? Do I need to write listener classes? Can anyone post a code snippet? Thanks Prerna -Original Message- From: Patil, Sheetal [mailto:[EMAIL PROTECTED] Sent: Friday, July 28, 2006 11:28 AM To: Struts Users Mailing List Subject: RE: Session Tracking As I know session timeout value is used, if for that perticular time if user is inactive then distroy the session. And as close window dosen't contact with server you can't track it (preferably use session timeout) or use ajax and send distroy request to server on pageclose event if possible -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, July 28, 2006 11:11 AM To: user@struts.apache.org Subject: Session Tracking H All, I am using struts framework and tomcat as the webserver. I want to implement session tracking and explicitly expire the session after a fixed period of inactivity. So the session needs to expire in the following scenarios 1) User clicks on Logout on JSP page ( Can this be achieved by explicitly doing session.invalidate() ?) 2) User clicks on the close button on window 3) The session is inactive for lets say 5 mins 4) The session timeout ( depending on the value set in web.xml) Can you tell me the best design approach to handle this? Should I take care of all in a class which extends ActionServlet? Regards Prerna The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Session Tracking
As I know session timeout value is used, if for that perticular time if user is inactive then distroy the session. And as close window dosen't contact with server you can't track it (preferably use session timeout) or use ajax and send distroy request to server on pageclose event if possible -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, July 28, 2006 11:11 AM To: user@struts.apache.org Subject: Session Tracking H All, I am using struts framework and tomcat as the webserver. I want to implement session tracking and explicitly expire the session after a fixed period of inactivity. So the session needs to expire in the following scenarios 1) User clicks on Logout on JSP page ( Can this be achieved by explicitly doing session.invalidate() ?) 2) User clicks on the close button on window 3) The session is inactive for lets say 5 mins 4) The session timeout ( depending on the value set in web.xml) Can you tell me the best design approach to handle this? Should I take care of all in a class which extends ActionServlet? Regards Prerna The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Session Tracking
1) User clicks on Logout on JSP page ( Can this be achieved by explicitly doing session.invalidate() ?) Yes. 2) User clicks on the close button on window This can be done in Javascript but I am told it doesn't work. In that case you have to depend on session timeout. Plus each time a new User logs in make sure the session is first invalidated and then created. Also make sure there is no cache. 3) The session is inactive for lets say 5 mins Add the following entry in web.xml 5 Where the integer represents time in minutes. You can also do programmatically by saying session.setMaxInactiveInterval() but the web.xml approach is declarative hence better. 4) The session timeout ( depending on the value set in web.xml) Session timeout is same as session-inactive so the solution in number 3 applies. Thanks, Chetan H All, I am using struts framework and tomcat as the webserver. I want to implement session tracking and explicitly expire the session after a fixed period of inactivity. So the session needs to expire in the following scenarios Can you tell me the best design approach to handle this? Should I take care of all in a class which extends ActionServlet? Regards Prerna The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
