See my replies below... >i could think of two ways: >1. use "hidden fields" to set a field indicating that the user already had >a session.
-How would the login jsp (form-based logon) have access to this info? The container stores the original url and parameters somewhere and then forwards the user on to the login page for authentication, only after successful authentication is the original url and parameters reinstated. This would also involve modifying every submittable form and hyperlink with this param, would it? >2. use "url rewriting" in your app: if you get a request with an >invalid(ed) session id, you know the session timed out. can anybody please clarify this: if a session timed out, the client doesn't know anything about this, so it should send the session with the following request, right? -mw At 11:53 07.03.2002 -0500, you wrote: >I have a web application which uses container managed authentication. > >When a user is logged into the application and the session times out, the >next user-initiated action will result in the login page being displayed >(the j2ee container makes this happen). > >How is it possible to tell that the reason that the user was directed to the >login page was because the session timed out and not because it was the >users first attempt at accessing the resource? > >I would like to display message to the user indicating that the reason they >are in the login page is the result of a session timeout. > >I am currently constrained to use of the Servlet 2.2/JSP 1.1 spec. > >TIA, >Michelle > >___________________________________________________________________________ >To unsubscribe, send email to [EMAIL PROTECTED] and include in the body >of the message "signoff SERVLET-INTEREST". > >Archives: http://archives.java.sun.com/archives/servlet-interest.html >Resources: http://java.sun.com/products/servlet/external-resources.html >LISTSERV Help: http://www.lsoft.com/manuals/user/user.html ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
