Hi, No. It is not CMS. protected void inValidateSession( HttpServletRequest request ){ HttpSession session = request.getSession( false ); if( session != null ){ session.invalidate(); }
As you say this code might be a problem. Don't remember why I added it. I'll have to check. Morever we change the system date because the database has records with previous dates. But if we also start tomcat after we change the system date then there should be no problem with the session? Mohan -----Original Message----- From: Michael C. Lee Jr. [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 8:57 PM To: Struts Users Mailing List Subject: Re: Session timeout problem Are you using container managed security? Home brewed? Whatever it is, the problem is most likely not with struts. I'm also guessing that there is no problem. You need to read the spec on how container managed security works if that's what your using. We had a lot of problems here with session timeout and they were all part of the spec. Mainly, that request parameters are 'lost' when a page is submitted after the session timeout value and your redirected to your login page (form based auth). Also, do you invalidate the session after you login? Usually, you would invalidate a session on a logout. Michael Lee ----- Original Message ----- From: "Mohan Radhakrishnan" <[EMAIL PROTECTED]> To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> Sent: Tuesday, February 25, 2003 6:36 AM Subject: Session timeout problem > Hi, > Our struts application ( I am not sure if it is the session > )occasionally timesout and throws us back to the login page. > > <session-config> > <session-timeout>15</session-timeout> > </session-config> > > This is not uniform. > > Whenever I login I use code like this > > protected void inValidateSession( HttpServletRequest request ){ > HttpSession session = request.getSession( false ); --> Is this > right? > if( session != null ){ > session.invalidate(); > } > } > > Does any of you see any problem here ? > > Mohan > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]