We must be stateful. This not an internet application (although it will be used across the internet.) It's an enterprise app and we must use state. Also, the users have requested they be able to use multiple browsers and won't want to log into to each one.
I looked at HttpSessionBindingListener but didn't get a real good feel for how it can help us when the browser (or I should say when all browsers) have gone away and the user needs to log back in. Note: we flip a logged in flag during the login process to prevent the user from logging in twice. This gets flipped back when the user logs off or the session expires. This flag will prevent the user from logging back in, unless we can somehow get around cases where they've exited without logging out. I'm sure this is an age old browser problem and I'm sure there have been good solutions to getting around this. So I'm hoping someone can steer me in the right direction. Thanks a ton. -----Original Message----- From: Tony Baity [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 01, 2002 11:45 AM To: Struts Users Mailing List Subject: RE: Ending a Session After Browser Has Gone Away Look in the javadocs for HttpSession and how to use HttpSessionBindingListener . I recommend allowing each browser instance to be allowed to login. Try to be stateless. If you want to do anything at all in the case of session timeout, use the HttpSessionBindingListener Becky Moyer wrote:Just set a short session timeout. 3 minutes of inactivity, session expires. So by the time they reboot, they have to log in again. Yeah, if someone stares at the page for 3 minutes and does something, they have to log in again, but if you're that concerned with sessions getting cleared, then it's not such a big deal. Anything wrong with this? Becky > -----Original Message----- > From: Cohan, Sean [mailto:[EMAIL PROTECTED]] > Sent: Thursday, August 01, 2002 11:33 AM > To: 'Struts Users Mailing List' > Subject: RE: Ending a Session After Browser Has Gone Away > > > Any suggestions? > > -----Original Message----- > From: James Mitchell [mailto:[EMAIL PROTECTED]] > Sent: Thursday, August 01, 2002 11:34 AM > To: Struts Users Mailing List > Subject: RE: Ending a Session After Browser Has Gone Away > > > The web being the stateless environment that it is, you have no way know > (without using javascript) that a user has closed a browser. > > I wouldn't advise to doing this anyway, because the user may have > more than > one window open, so if they close one of them and try to continue > using your > site, they will be met (rather rudely) with your login screens. > > I can't speak for other people, but whenever I'm navigating a > site that does > a shit job of navigation hierarchy, I always use shift+click if I want to > keep the current page and not be sent off deep in the site with no hope of > finding the original spot that sent me. If the site did as you propose, > this would result in a very pissed off user. And you could bet that you'd > hear about it (from me at least). > > Oh well, that's my 2 cents. > > > > James Mitchell > Software Engineer\Struts Evangelist > Struts-Atlanta, the "Open Minded Developer Network" > http://www.open-tools.org/struts-atlanta > > > > > > -----Original Message----- > > From: Cohan, Sean [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, August 01, 2002 11:06 AM > > To: [EMAIL PROTECTED] > > Subject: Ending a Session After Browser Has Gone Away > > > > > > Is there a way to end a user session if the browser has closed either > > through user action or non-user actions such as power outages? > > If not, what > > are typical ways to get around this? We are talking about > > allowing the user > > to login again, checking for a current user session, and if > they have one, > > killing it and starting a new one. Is this a sound approach? Thanks. > > > > > > Sean Cohan > > Software Performance Systems > > > > > > > > -- > > To unsubscribe, e-mail: > > > > For additional commands, e-mail: > > > > > > > > > -- > To unsubscribe, e-mail: > > For additional commands, e-mail: > > > -- > To unsubscribe, e-mail: > > For additional commands, e-mail: > > -- To unsubscribe, e-mail: For additional commands, e-mail: --------------------------------- Do You Yahoo!? Yahoo! Health - Feel better, live better -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
