hi there, I would appriciate help regarding the following:
I want to enforce a user to relogin once the session dies, to do so i save an encrypted value in session attributes. Two strange things happen: The first thing is that i can't always bring the session down even with a one minute time out and even after killing the tomcat and running it again.( I get the same session id) The second thing is although the session dies, the encrypted attribute still exists. That is a more serious problem since i skip the login. the reason i have to relogin is that I don't hold the hashtables i created in the previous session and at that point my application assumes i do hold them. I hope my problem is clear enough. Thanks in advance, Etay.
