If you care enough about this situation you can satisfy most of it with an authentication filter and a custom logon action.
When the container times out the session it doesn't touch the browser. When the user clicks on a field to create an action the request is still available to the container. If you write your own authentication filter, you can take what you need from the request and stick it someplace until the user establishes a valid session. When the user has established the session then you grab it and put him back where he was. Edgar -----Original Message----- From: David Graham [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 04, 2002 4:59 PM To: '[EMAIL PROTECTED]' Subject: Re: Request losing data after container security check That's the way session time outs are supposed to work. This is a security feature when people leave in the middle of something. The user must complete the transaction in one sitting. If you don't want that to happen then set your session timeout to an incredibly large number of minutes or (I think) entering 0 disables it on some containers. David >From: "Michael Lee" <[EMAIL PROTECTED]> >Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> >To: "Struts Users Mailing List" <[EMAIL PROTECTED]> >Subject: Re: Request losing data after container security check >Date: Wed, 4 Dec 2002 16:50:40 -0500 > >i know. >a.jsp calls a.do which forwards to b.jsp >user enters data in a.jsp >user leaves >session times out >user clicks submit on a.jsp >a.do action is of scope request >when we get to b.jsp, it should display the data entered on a.jsp >(verify >screen) >it does not if the session times out and the user has to log in again >thanks, >Mike > >----- Original Message ----- >From: "David Graham" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Wednesday, December 04, 2002 4:09 PM >Subject: Re: Request losing data after container security check > > > > The session only times out if it's idle; it won't timeout in mid >request. > > You lose session data when it times out. You lose request data > > after >the > > response has been sent for a particular request. > > > > David > > > > > > > > > > > > > > >From: "Michael Lee" <[EMAIL PROTECTED]> > > >Reply-To: "Struts Users Mailing List" > > ><[EMAIL PROTECTED]> > > >To: "Struts Users Mailing List" <[EMAIL PROTECTED]> > > >Subject: Re: Request losing data after container security check > > >Date: Wed, 4 Dec 2002 15:48:15 -0500 > > > > > >?This doesnt sound right. > > >Its just an http request. It shouldn't lose anything except session >data. > > >The container should route the http request and all the request > > >items >from > > >the form. > > >thanks, > > >Mike > > > > > >----- Original Message ----- > > >From: "David Graham" <[EMAIL PROTECTED]> > > >To: <[EMAIL PROTECTED]> > > >Sent: Wednesday, December 04, 2002 3:03 PM > > >Subject: Re: Request losing data after container security check > > > > > > > > > > If the session times out then you probably want the user to go > > > > back >to > > >the > > > > start page anyways. Request data is only stored by the > > > > container >long > > > > enough to complete a request for one page so it won't be around >after > > >that > > > > request. > > > > > > > > David > > > > > > > > > > > > > > > > > > > > > > > > > > > > >From: "Michael Lee" <[EMAIL PROTECTED]> > > > > >Reply-To: "Struts Users Mailing List" ><[EMAIL PROTECTED]> > > > > >To: "Struts Users Mailing List" > > > > ><[EMAIL PROTECTED]> > > > > >Subject: Request losing data after container security check > > > > >Date: Wed, 4 Dec 2002 14:27:16 -0500 > > > > > > > > > >I have a screen a.jsp that calls a.do which then forwards to > > > > >b.jsp I have a form called AForm.java. I have a field called > > > > >email in > > >AForm.java. > > > > >In a.jsp a user can set email, call a.do and then forward to > > > > >b.jsp > > >which > > > > >does a <bean:write name="aForm" property="email"/>. This works > > > > >just > > >fine > > > > >and outputs the email. > > > > >Problem is, if the session times out (15 mins) then the user is > > >required > > >to > > > > >log back in. If the data is entered on a.jsp and the session > > > > >times >out > > >and > > > > >the user clicks submit, then when it gets to b.jsp it doesn't > > > > >have >any > > > > >data? In the struts config a.do is of scope="request". I would >think > > >that > > >a > > > > >request would keep that data unlike scope="session". > > > > >I want to keep the data upon submit, even if the container > > > > >wants to validate the user. thanks, > > > > >Mike > > > > > > > > > > > > _________________________________________________________________ > > > > The new MSN 8: advanced junk mail protection and 2 months FREE* > > > > http://join.msn.com/?page=features/junkmail > > > > > > > > > > > > -- > > > > To unsubscribe, e-mail: > > ><mailto:[EMAIL PROTECTED]> > > > > For additional commands, e-mail: > > ><mailto:[EMAIL PROTECTED]> > > > > > > > > > >-- > > >To unsubscribe, e-mail: > > ><mailto:[EMAIL PROTECTED]> > > >For additional commands, e-mail: > > ><mailto:[EMAIL PROTECTED]> > > > > > > _________________________________________________________________ > > Add photos to your e-mail with MSN 8. Get 2 months FREE*. > > http://join.msn.com/?page=features/featuredemail > > > > > > -- > > To unsubscribe, e-mail: ><mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: ><mailto:[EMAIL PROTECTED]> > > > >-- >To unsubscribe, e-mail: ><mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: ><mailto:[EMAIL PROTECTED]> _________________________________________________________________ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
