So are you saying that you have tomcat handling both html and jsp's? Unfortunately I don't have that luxury in our environment. Apache serves html, Resin serves jsps.
Brian -----Original Message----- From: Jim Barrows [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 28, 2004 4:00 PM To: Struts Users Mailing List Subject: RE: Not Logged in with the same loggin-password if it is already registered. > -----Original Message----- > From: McClung, Brian [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 28, 2004 1:57 PM > To: 'Struts Users Mailing List' > Subject: RE: Not Logged in with the same loggin-password if it is > already registered. > > > This topic brings up a question that I have oftened wondered about. > How does everyone handle sign on and static content where there is no > jsp page? > Include a jsp in the html? Set up a cookie? The problem to the > cookie is that they can be blocked or the html code to verify the > cookie has to be javascript which can be circumvented by being turned > off. I have lots of content (html), but very few jsp pages. The > HttpSessionListner seems like it might work, but then I am still > taking my static page and including dynamic content. Any thoughts? Apache + Tomcat.... I think... I just use Tomcat for everything, with OSCache (when I have my druthers). Then in your web.xml set up your security for your static pages... > > -----Original Message----- > From: Geeta Ramani [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 28, 2004 3:40 PM > To: Struts Users Mailing List; Struts Users Mailing List > Subject: RE: Not Logged in with the same loggin-password if it is > already registered. > > Yes but wont the container "know" when a user closes his/her window? > Are you saying this isn't something that a container will be notified > about..?/ ..hmm... maybe not... ok, Robert scratch my earlier > note..(like I said i ought to go home..) > > > -----Original Message----- > > From: Brett Connor [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, July 28, 2004 4:47 PM > > To: Struts Users Mailing List > > Subject: Re: Not Logged in with the same loggin-password if it is > > already registered. > > > > > > AFAIK session timeout is the only notification you can get > here. There > > are undoubtedly some wacky things we can do with javascript > - reduce > > the session timeout to a small value and include some javascript > > polling in every page or something along those lines, but > at the end > > of the day it comes down to a timeout. The session listener will be > > called for any session created / destroyed as soon as the > container is > > aware itself. > > Brett > > > > > > Robert Miller wrote: > > > > >How do you handle the situation where the user closes the > > browser without logging out (the windows "X" is not always > our friend > > ;) ). I am not familiar with the SessionListener. Would > it help in > > some way? > > >Robert > > > > > > > > > > > >>>>[EMAIL PROTECTED] 7/28/2004 3:25:16 PM >>> > > >>>> > > >>>> > > > > > >Exactly! Or use HttpSessionlistener and database solution > > (that jim outlined) simultaneously.. > > > > > >(We are doing almost this except as a solution to a kind of > > "opposite" problem - when a user logs off we need to do > soem work so.. > > this seems to work nicely) > > > > > > > > > > > >>-----Original Message----- > > >>From: news [mailto:[EMAIL PROTECTED] Behalf Of Bill Siggelkow > > >>Sent: Wednesday, July 28, 2004 4:28 PM > > >>To: [EMAIL PROTECTED] > > >>Subject: Re: Not Logged in with the same loggin-password if it is > > >>already registered. > > >> > > >> > > >>Maybe you could have a hashtable in the ServletContext that maps > > >>loginId to HttpSession -- then use a HttpSessionListener > to listen > > >>for session creation -- when the session is created look > for a value > > >>in the hashmap in the servlet context -- if it is there then > > >>invalidate the mapped session. Then add (put) the new > mapping into > > >>the hashatable. > > >> > > >>Ricardo Andres Quintero wrote: > > >> > > >> > > >> > > >>>Hello Guys > > >>>I need not to let users to login in my app simultaneosly. > > >>>I mean if a login-password is actually logged in, i need to > > >>>invalidatye that session and then let the new login-password to > > >>>work in, after invalidating the old session. > > >>> > > >>>Any ideas? and of course any examples? > > >>> > > >>>-- > > >>>Ricardo Andrés Quintero R. > > >>>Ubiquando Ltda. > > >>> > > >>> > > >>------------------------------------------------------------ > > --------- > > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > > >>For additional commands, e-mail: [EMAIL PROTECTED] > > >> > > >> > > >> > > >> > > > > > > >--------------------------------------------------------------------- > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
