This will only work if the client has allowed cookies. If cookies are not
allowed then this setup will fail.
----- Original Message -----
From: Bartsch Axel
To: [EMAIL PROTECTED]
Sent: Monday, December 04, 2000 6:02 PM
Subject: Re: Session tracking
Hi,
Here how I implemented the session tracking using cookies.
I use the following code after a successfull login was performed by the
user:
HttpSession session=request.getSession(true); // get a new session if not
already existing
// the sessionId is stored in a cookie in my case
session.setMaxInactiveInterval(3600000); // set the max Interval to 1h (the
API descibes to set the time in sec: but it seems to be an error according
// to my tests and also to the SUB bug list: there it is described to use
milliseconds): the time after which the session is cancelled if the user has
not
// been active anymore (no click)
session.putValue("user",user); // here I store an object containing user
data: to identify the user later
Then at further requests I use the following code:
HttpSession session;
session=request.getSession(false); // get an existing session, if non
available 'null' is returned
if (session==null)
{
// send the login page again!
}
User user=(User)session.getValue("user"); // retrieve the saved 'user'
object
file://continue to process the servlet treatment
perhaps we can stay in contact.
I'd like to know the experience you will make with the session handling
especially concerning the MaxInactiveInterval:
will it really expire in 1 hour in my example?
bye
Axel
> -----Original Message-----
> From: A.R.Karthikeyan [SMTP:[EMAIL PROTECTED]]
> Sent: vendredi 1 d> �cembre 2000 15:52
> To: [EMAIL PROTECTED]
> Subject: Session tracking
>
> Hi everybody,
> How can I maintain a session for a user who has logged in from the home
> page , across multiple HTML pages(links) generated by multiple servlet
> programmes?
> The very first page of the site is a login page and all the subsequent
pages
> can be accessed only if the login is right.
> Once a user logs in correctly , a session is created using HttpSession
sess
> = req.getSession(true)and i put the login value of the user in the session
> using sess.putValue("login",value).My question is now when the user clicks
> on the links of this page which are html pages generated by other servlet
> programmes ,should i use HttpSession sess = req.getSession(true) in each
of
> these programmes to maintain the same session.If not how can i maintain a
> session for everyuser who logs onto to the site.
> To remind u -every page of the website is a protected resource.
> I've run into a state of confusion in this particular session maintenance
> scenario.
> Hope somebody would help me out with this with some clear suggestion and
> solution!
> Thanx in advance
> Karthikeyan A.R
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
