Re: Session Management

2009-04-16 Thread Paweł Wielgus 
Hi Baran,
You can check for this in interceptor in struts2 or in mainservlet in struts1.

Best greeitings,
Paweł Wielgus.

2009/4/16 Baran baran.k...@gmail.com:

 Hello All,

 I have this common scenario of handling sessions. The scenario is:

 1. To check session on the jsp side when ever a page is loaded. This is
 fairly simple and can be done without much hassle.

 2. Lets say the page is left unattended and the session expires but the user
 is still on that authenticated page. Not the thing is how can I make sure
 that any such request is not processed and is redirected to the login page.
 I can check the session availability but how can I redirect the control to
 login page.

 One more thing, I am working on YUI + Ajax based application, so basically
 all the action requests are via javascript.

 Any help would be appreciated.

 Baran
 --
 View this message in context: 
 http://www.nabble.com/Session-Management-tp23074591p23074591.html
 Sent from the Struts - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org



-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Session Management

2009-04-16 Thread Baran 

Hello Paul,

Thanks for the prompt response, I guess that is a right way to do, but plz
suggest me how can i redirect my control to the login page. Can u plz get me
the syntax, the interceptor thing is ready all i need to do is to redirect
if session is not there...

Thanks
Baran 


Paweł Wielgus wrote:
 
 Hi Baran,
 You can check for this in interceptor in struts2 or in mainservlet in
 struts1.
 
 Best greeitings,
 Paweł Wielgus.
 
 2009/4/16 Baran baran.k...@gmail.com:

 Hello All,

 I have this common scenario of handling sessions. The scenario is:

 1. To check session on the jsp side when ever a page is loaded. This is
 fairly simple and can be done without much hassle.

 2. Lets say the page is left unattended and the session expires but the
 user
 is still on that authenticated page. Not the thing is how can I make sure
 that any such request is not processed and is redirected to the login
 page.
 I can check the session availability but how can I redirect the control
 to
 login page.

 One more thing, I am working on YUI + Ajax based application, so
 basically
 all the action requests are via javascript.

 Any help would be appreciated.

 Baran
 --
 View this message in context:
 http://www.nabble.com/Session-Management-tp23074591p23074591.html
 Sent from the Struts - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org


 
 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org
 
 
 

-- 
View this message in context: 
http://www.nabble.com/Session-Management-tp23074591p23074831.html
Sent from the Struts - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Session Management

2009-04-16 Thread Lukasz Lenart 
package example3;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;

/**
 *
 * @author Lukasz
 */
public class LoginInterceptor implements Interceptor {

public void destroy() {
}

public void init() {
}

public String intercept(ActionInvocation arg0) throws Exception {
if (arg0.getAction() instanceof LoginAction) {
return arg0.invoke();
}
String user = (String)
arg0.getInvocationContext().getSession().get(user);
if ( user == null || .equals(user)) {
return Action.LOGIN;
} else {
return arg0.invoke();
}
}

}


Regards
-- 
Lukasz
http://www.lenart.org.pl/

-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Session Management

2009-04-16 Thread Baran 

Hi,

I guess I am fine with the intercepter side, but the issue is I am not able
to redirect it to a new page. The intercepter is working fine, but the
respone is coming back to the same page and not to the login page.

Any thing that I might be missing in the struts.xml or somewhere? coz
intercepter is fine all I need is to send it to new page.

Thanks 

Lukasz Lenart wrote:
 
 package example3;
 
 import com.opensymphony.xwork2.Action;
 import com.opensymphony.xwork2.ActionInvocation;
 import com.opensymphony.xwork2.interceptor.Interceptor;
 
 /**
  *
  * @author Lukasz
  */
 public class LoginInterceptor implements Interceptor {
 
 public void destroy() {
 }
 
 public void init() {
 }
 
 public String intercept(ActionInvocation arg0) throws Exception {
 if (arg0.getAction() instanceof LoginAction) {
 return arg0.invoke();
 }
 String user = (String)
 arg0.getInvocationContext().getSession().get(user);
 if ( user == null || .equals(user)) {
 return Action.LOGIN;
 } else {
 return arg0.invoke();
 }
 }
 
 }
 
 
 Regards
 -- 
 Lukasz
 http://www.lenart.org.pl/
 
 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org
 
 
 

-- 
View this message in context: 
http://www.nabble.com/Session-Management-tp23074591p23075474.html
Sent from the Struts - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Session Management

2009-04-16 Thread Paweł Wielgus 
Hi,
look at line:
return Action.LOGIN;
this is the place where interceptor is returning simple string which
represents forward,
in my case i have logon defined in struts.xml
like this:

global-results
result name=logon/WEB-INF/pages/logon.jsp/result
/global-results

Hope that helps,
Paweł Wielgus.


2009/4/16 Baran baran.k...@gmail.com:

 Hi,

 I guess I am fine with the intercepter side, but the issue is I am not able
 to redirect it to a new page. The intercepter is working fine, but the
 respone is coming back to the same page and not to the login page.

 Any thing that I might be missing in the struts.xml or somewhere? coz
 intercepter is fine all I need is to send it to new page.

 Thanks

 Lukasz Lenart wrote:

 package example3;

 import com.opensymphony.xwork2.Action;
 import com.opensymphony.xwork2.ActionInvocation;
 import com.opensymphony.xwork2.interceptor.Interceptor;

 /**
  *
  * @author Lukasz
  */
 public class LoginInterceptor implements Interceptor {

     public void destroy() {
     }

     public void init() {
     }

     public String intercept(ActionInvocation arg0) throws Exception {
         if (arg0.getAction() instanceof LoginAction) {
             return arg0.invoke();
         }
         String user = (String)
 arg0.getInvocationContext().getSession().get(user);
         if ( user == null || .equals(user)) {
             return Action.LOGIN;
         } else {
             return arg0.invoke();
         }
     }

 }


 Regards
 --
 Lukasz
 http://www.lenart.org.pl/

 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org




 --
 View this message in context: 
 http://www.nabble.com/Session-Management-tp23074591p23075474.html
 Sent from the Struts - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org



-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Session Management

2009-04-16 Thread Baran 

Hi,

Okay, this is the response I get, I did used the same thing that you are
suggesting, Can it be an issue that I am using AJAX, as the html code of the
login page is coming as a response of the http request I am making, do I
have to redirect it via my JSP page(using javascript)? As otherwise I guess
the whole thing is working fine.

Regards,
Baran
-- 
View this message in context: 
http://www.nabble.com/Session-Management-tp23074591p23076002.html
Sent from the Struts - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Session Management

2009-04-16 Thread Paweł Wielgus 
Hi,
yes it's the case,
because if You are firing ajax request to server it doesn't really
care if it's ajax or plain html request,
so the responsibility to behave properly is on the page side.
I don't know if your interceptor returning html code (page) is ok for You?
Or maybe it should return something else to tell the page to reload all of it?
Because as i think You would like to achieve such scenario:
1. user session is lost
2. user clicks on a link (ajax call)
3. interceptor catches the call and states that it's not allowed
4. page is getting some kind of info that this request is no more
accessible and it should go to loginPage.jsp - total reload of the
page

I haven't been doing such things so i won't help You much with it more.

Best greetings,
Paweł Wielgus.


2009/4/16 Baran baran.k...@gmail.com:

 Hi,

 Okay, this is the response I get, I did used the same thing that you are
 suggesting, Can it be an issue that I am using AJAX, as the html code of the
 login page is coming as a response of the http request I am making, do I
 have to redirect it via my JSP page(using javascript)? As otherwise I guess
 the whole thing is working fine.

 Regards,
 Baran
 --
 View this message in context: 
 http://www.nabble.com/Session-Management-tp23074591p23076002.html
 Sent from the Struts - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org



-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Session Management

2009-04-16 Thread Baran 

Hello Pawel,

well the intercepter can get a message that suggest us to have a login
before proceeding, I guess that can be done, I was trying this thing as I am
a newbie in Struts and I was exploring the possibilities. Thats the best I
can do :)

Thanks for ur help and suggestions.

Regards,
Baran


Paweł Wielgus wrote:
 
 Hi,
 yes it's the case,
 because if You are firing ajax request to server it doesn't really
 care if it's ajax or plain html request,
 so the responsibility to behave properly is on the page side.
 I don't know if your interceptor returning html code (page) is ok for You?
 Or maybe it should return something else to tell the page to reload all of
 it?
 Because as i think You would like to achieve such scenario:
 1. user session is lost
 2. user clicks on a link (ajax call)
 3. interceptor catches the call and states that it's not allowed
 4. page is getting some kind of info that this request is no more
 accessible and it should go to loginPage.jsp - total reload of the
 page
 
 I haven't been doing such things so i won't help You much with it more.
 
 Best greetings,
 Paweł Wielgus.
 
 
 2009/4/16 Baran baran.k...@gmail.com:

 Hi,

 Okay, this is the response I get, I did used the same thing that you are
 suggesting, Can it be an issue that I am using AJAX, as the html code of
 the
 login page is coming as a response of the http request I am making, do I
 have to redirect it via my JSP page(using javascript)? As otherwise I
 guess
 the whole thing is working fine.

 Regards,
 Baran
 --
 View this message in context:
 http://www.nabble.com/Session-Management-tp23074591p23076002.html
 Sent from the Struts - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org


 
 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org
 
 
 

-- 
View this message in context: 
http://www.nabble.com/Session-Management-tp23074591p23076293.html
Sent from the Struts - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: session management

2009-02-20 Thread Paweł Wielgus 
Hi,
i wasn't able to understand Your problem,
so i was thinking that the code You cited below was about the problem
discussed on my blog.
If it's not this problem than try to describe the problem in other words,
i simply don't get it.

Best greetings,
Paweł Wielgus.

2009/2/20 mthalis dinesh_nade...@yahoo.com:

 Give me another suggestion pz.


 mthalis wrote:

 i have already implemented login, logout parts using struts(jsp). But the
 case is after logged out, when i press  back button it is redirected to
 the particular page that i was in before logged out. these are my codings,
 and plz kind enough to give me reasonable answer.

 //set sessions//
 HttpSession session=request.getSession();
 session.setAttribute(userName, userLoginForm.getName());

 //verify log or not
 %
 String userId=(String)session.getAttribute(userName);
   if(userId !=  null){
  %


 ///if not log
 %
 }
 else{
   response.sendRedirect(./index.jsp);
 }
 %

 //logout
 %
 session.removeAttribute(userName);
 session.invalidate();
 response.sendRedirect(./welcome.jsp);
  %



 --
 View this message in context: 
 http://www.nabble.com/session-management-tp22054409p22114881.html
 Sent from the Struts - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org



-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: session management

2009-02-20 Thread Dave Newton 

mthalis wrote:

i have already implemented login, logout parts using struts(jsp). But the
case is after logged out, when i press  back button it is redirected to the
particular page that i was in before logged out. these are my codings, and
plz kind enough to give me reasonable answer.
 
//set sessions//

HttpSession session=request.getSession();
session.setAttribute(userName, userLoginForm.getName());

//verify log or not
%
String userId=(String)session.getAttribute(userName); 
	if(userId !=  null){

 %


///if not log
%
}
else{
response.sendRedirect(./index.jsp);
}
%

//logout
%
session.removeAttribute(userName);
session.invalidate();
response.sendRedirect(./welcome.jsp);
 %



Leaving the discussion about the scriptlets aside, and that this isn't 
really a Struts issue...


When the user hits the back button if a page has been cached it will 
be displayed--no server interaction, so no server interaction. Turn off 
page caching--this forces the browser to go back to the server, 
whereupon it will discover the user is no longer logged in, and run 
the... scriptlet.


Dave


-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: session management

2009-02-19 Thread mthalis 

Give me another suggestion pz.


mthalis wrote:
 
 i have already implemented login, logout parts using struts(jsp). But the
 case is after logged out, when i press  back button it is redirected to
 the particular page that i was in before logged out. these are my codings,
 and plz kind enough to give me reasonable answer.
  
 //set sessions//
 HttpSession session=request.getSession();
 session.setAttribute(userName, userLoginForm.getName());
 
 //verify log or not
 %
 String userId=(String)session.getAttribute(userName); 
   if(userId !=  null){
  %
   
 
 ///if not log
 %
 }
 else{
   response.sendRedirect(./index.jsp);
 }
 %
 
 //logout
 %
 session.removeAttribute(userName);
 session.invalidate();
 response.sendRedirect(./welcome.jsp);
  %
 
 

-- 
View this message in context: 
http://www.nabble.com/session-management-tp22054409p22114881.html
Sent from the Struts - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: session management

2009-02-17 Thread Paweł Wielgus 
Hi mthalis,
maybe this will help:
http://poulwiel.blogspot.com/2009/01/browser-back-button-and-caching-problem.html
but to be honest i don't know if i understand Your problem at all.

Best greetings,
Paweł Wielgus.


2009/2/17 mthalis dinesh_nade...@yahoo.com:

 i have already implemented login, logout parts using struts(jsp). But the
 case is after logged out, when i press  back button it is redirected to the
 particular page that i was in before logged out. these are my codings, and
 plz kind enough to give me reasonable answer.

 //set sessions//
HttpSession session=request.getSession();
session.setAttribute(userName, userLoginForm.getName());

 //verify log or notMaybe
 %
 String userId=(String)session.getAttribute(userName);
if(userId !=  null){
  %


 ///if not log
 %
 }
 else{
response.sendRedirect(./index.jsp);
 }
 %

 //logout
 %
 session.removeAttribute(userName);
 session.invalidate();
 response.sendRedirect(./welcome.jsp);
  %

 --
 View this message in context: 
 http://www.nabble.com/session-management-tp22054409p22054409.html
 Sent from the Struts - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
 For additional commands, e-mail: user-h...@struts.apache.org



-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

[OT] Re: Session management when using IE 7

2008-07-28 Thread Dave Newton 
--- On Mon, 7/28/08, OTA_DZ [EMAIL PROTECTED] wrote:
 I think there is an overlapping of session in
 my application.

Technically it's an overlapping of sessions in the browser.

Different browsers handle these things differently; in general tabbed browsing 
will share a single session. That's not a framework issue; if you want to 
support it you'll probably have to do something tricky, but maybe someone here 
already has a solution.

Dave


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] Re: Session management when using IE 7

2008-07-28 Thread Gabriel Belingueres 
You may want to add support for conversation scope to your application
so that objects stored in session scope doesn't get mixed up.

2008/7/28, Dave Newton [EMAIL PROTECTED]:
 --- On Mon, 7/28/08, OTA_DZ [EMAIL PROTECTED] wrote:
  I think there is an overlapping of session in
  my application.

 Technically it's an overlapping of sessions in the browser.

 Different browsers handle these things differently; in general tabbed 
 browsing will share a single session. That's not a framework issue; if you 
 want to support it you'll probably have to do something tricky, but maybe 
 someone here already has a solution.

 Dave


 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Session Management

2007-03-15 Thread manoj.tripathi 
 maya,
Once a user is logged in session variables are set and your user
interface should not display login option...but if you hit back button
on browser you will see login option in that case use saveToken now to
allow duplicate form submission

Back buttons display thing because form contains it you need to reset it
Regards
-Original Message-
From: Maya menon [mailto:[EMAIL PROTECTED] 
Sent: 15 March 2007 16:43
To: user@struts.apache.org
Subject: Session Management

All,
   
  I have couple of questions while designing a web app using struts. My
application uses Httpsession variables.
  1. How do we handle a user from opening duplicate sessions ? Like if a
user is already logged in, if he/she tries to login again, system should
mention that user is already logegd in. How do we do that ? 

   
  2. Also, back buttons. Back buttons shoudlnt display anything [like no
data] should appear when user clicks back button
   
  How to handle these two situations ? Need suggestions. 
   
  Thanks,
  Maya

 
-
Don't be flakey. Get Yahoo! Mail for Mobile and always stay connected to
friends.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: session management

2006-10-04 Thread purushottam hegde 

So you know when exactly 30 mins elapses? right.?
immedietly after this you can invalidate the session right?
Regards
PH


On 10/3/06, sowjanya chimmani [EMAIL PROTECTED] wrote:


Hi All,


 In our webapplication (struts based) we are using Ajax code
(as part of header in all jsp)which will hits the server for every 10 sec
so every time session will be updated so it is not possible to maintain
the
session (sesstion will not expires though after the session time out value
)
.Please can any one help me to mintain the session(iam setting the session
time out value as 30 min)
--
sowjanya

Re: session management

2006-10-04 Thread Ed Griebel 

It is not clear what you are asking. Is the problem that
- the session is not being maintained even when setting the timeout to
30 minutes
- even after 1/2 hour the session does not timeout

An observation, pinging the server every 10 seconds will create a
lot of unnecessary work on the server. You can probably change it to a
30-50 second ping and set the session timeout to around a minute if
you want to maintain the session.

Since you are pinging the server regularly, as long as the user has a
window up their session will never expire, even if they walk away or
leave their computer on and browser window up all nite. An alternate
solution would be to keep track of non-ping activity and terminate the
user's session after n minutes of only ping activity, maybe redirect
them to a idle too long screen without the AJAX ping when this
occurs.

An alternative approach would be to be able to re-establish the user's
session if they happen to time out, but that is no small task.

good luck,
-ed

On 10/3/06, sowjanya chimmani [EMAIL PROTECTED] wrote:

Hi All,


  In our webapplication (struts based) we are using Ajax code
(as part of header in all jsp)which will hits the server for every 10 sec
so every time session will be updated so it is not possible to maintain the
session (sesstion will not expires though after the session time out value )
.Please can any one help me to mintain the session(iam setting the session
time out value as 30 min)
--
sowjanya




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Session Management Within Webapp 2 (jsessionid)s

2005-10-25 Thread Jim Reynolds 
I updated my processor and added the proper logic that Martin showed
yesterday. And what I am seeing is as follows:
 1) When the user clicks the site, I can watch the logs and it shows that
the session.isNew() and so it redirects to index.jsp.
 2) At that point the screen is showing, so the user clicks a link (non
html style href) to go view a page.
 3) When that page is submitted, I can see by the log, that it calls the
ExtendedProcessor and once again, realizes that the session.isNew() and it
once again calls the index.jsp page.
 4) After that any link the user clicks works, but if you can see the
pattern, the user must click two times before the session is established.
 I would like to have a better handle on why this occurs, or if there is a
way I can ensure that this does not happen. It is ugly when the user has to
click twice, to get rolling.
 Thanks for any advice.


 On 10/24/05, Martin Gainty [EMAIL PROTECTED] wrote:

 Dumb Question but I have to ask
 First from the doc for the method
 public boolean isNew()Returns true if the client does not yet know about
 the
 session or if the client chooses not to join the session. For example, if
 the server used only cookie-based sessions, and the client had disabled
 the
 use of cookies, then a session would be new on each request.
 Returns:
 true if the server has created a session, but the client has not yet
 joined
 Throws:
 IllegalStateException - if this method is called on an already
 invalidated session

 protected boolean processPreProcess(request, response)
 {
 protected boolean continuedProcessing = true;
 try
 {
 if (request.getSession()==null)||(request.getSession().isNew() )
 {
 continueProcessing = false;
 response.sendredirect (/login.jsp);
 } //end if
 } //end try
 catch(IllegalStateException ill)
 {
 out.println(IllegalStateException has been thrown the exception is
 +ill.getMessage());
 }
 return continueProcessing;
 } //end method
 a)are you checking to ensure the getSession is NOT NULL before the isNew
 test ?
 b)In this scenario is the session is null or session isNew then the
 method returns false are your returning true/false?
 c)are you catching the IllegalStateException ???

 Anyone else ?
 M-
 - Original Message -
 From: Jim Reynolds  [EMAIL PROTECTED]
 To: user@struts.apache.org
 Sent: Monday, October 24, 2005 10:57 AM
 Subject: Session Management Within Webapp 2 (jsessionid)s


 I have a project which I am working on. It does not have any type of form
 login. It is just a merchant-type site.

 When client hits the URL, the index.jsp calls a forward like so:
 logic:forward name=welcome /

 This of course sends the request to the struts-config.do.

 I extended the RequestProcessor to set up some session type beans that
 control the site. I only create the beans if the session.isNew() returns
 true. In the RequestProcessor, I can see the beans being created and set
 into the session.

 Finally the request is forward to a .jsp page from the original 
 welcome.do
 call.

 On the jsp page, I have some tags, with links. Since I am using tags, I
 just
 used some normal html style links. Not html:link calls.

 When a user requests hits a link, and calls another xxx.do, the request
 goes
 back to the RequestProcessor, and it thinks the session.isNew(), and I end

 up creating all the session beans again.

 After that it works as it should, but I end up with 2 (jsessionid) cookies
 being created for each user?

 I am seeking advice, as to why this occured, and if this is normal
 behavior,
 or not-normal behavior. Upon researching the topic over the weekend, I was
 unable to find any threads, about this.

 Am I doing something wrong, or possibly a logic-flaw somewhere.

 Thanks,

  user@struts.apache.org

 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

Re: Session Management Within Webapp 2 (jsessionid)s

2005-10-24 Thread Martin Gainty 

Dumb Question but I have to ask
First from the doc for the method
public boolean isNew()Returns true if the client does not yet know about the 
session or if the client chooses not to join the session. For example, if 
the server used only cookie-based sessions, and the client had disabled the 
use of cookies, then a session would be new on each request.

   Returns:
   true if the server has created a session, but the client has not yet 
joined

   Throws:
   IllegalStateException - if this method is called on an already 
invalidated session


   protected boolean processPreProcess(request, response)
   {
   protected boolean continuedProcessing = true;
   try
   {
   if (request.getSession()==null)||(request.getSession().isNew() )
   {
continueProcessing = false;
response.sendredirect(/login.jsp);
   } //end if
   } //end try
   catch(IllegalStateException ill)
   {
out.println(IllegalStateException has been thrown the exception is 
+ill.getMessage());

   }
   return continueProcessing;
   } //end method
   a)are you checking to ensure the getSession is NOT NULL before the isNew 
test ?
   b)In this scenario is the session is null or session isNew then  the 
method returns false are your returning true/false?

   c)are you catching the IllegalStateException ???

   Anyone else ?
   M-
- Original Message - 
From: Jim Reynolds [EMAIL PROTECTED]

To: user@struts.apache.org
Sent: Monday, October 24, 2005 10:57 AM
Subject: Session Management Within Webapp 2 (jsessionid)s


I have a project which I am working on. It does not have any type of form
login. It is just a merchant-type site.

When client hits the URL, the index.jsp calls a forward like so:
logic:forward name=welcome /

This of course sends the request to the struts-config.do.

I extended the RequestProcessor to set up some session type beans that
control the site. I only create the beans if the session.isNew() returns
true. In the RequestProcessor, I can see the beans being created and set
into the session.

Finally the request is forward to a .jsp page from the original welcome.do
call.

On the jsp page, I have some tags, with links. Since I am using tags, I just
used some normal html style links. Not html:link calls.

When a user requests hits a link, and calls another xxx.do, the request goes
back to the RequestProcessor, and it thinks the session.isNew(), and I end
up creating all the session beans again.

After that it works as it should, but I end up with 2 (jsessionid) cookies
being created for each user?

I am seeking advice, as to why this occured, and if this is normal behavior,
or not-normal behavior. Upon researching the topic over the weekend, I was
unable to find any threads, about this.

Am I doing something wrong, or possibly a logic-flaw somewhere.

Thanks,

user@struts.apache.org

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]