Re: cleaning up sessions ...

[Mufaddal Khumri]

Exactly. I have a session attribute in my session that i set to true . 
and if that session attribute is not present or is false i redirect 
them to the authentication page.

I did the following to my server.xml :

<Manager className="org.apache.catalina.session.PersistentManager"
              debug="0"
              saveOnRestart="false"
              maxActiveSessions="-1"
              minIdleSwap="-1"
              maxIdleSwap="-1"
              maxIdleBackup="-1">
                <Store 
className="org.apache.catalina.session.FileStore"/>
 </Manager>

Now  i go to the tomcat manager and reload my webapp . I am navigating 
the webapp in a browser when this happens (ie i am currently a user 
using a valid session ) .. after the webapp reloads ... i continue 
using the webapp by clicking on say a link ... which takes me to some 
other jsp page ... i do a check on top of this jsp page for this 
"attribute" ... and it still persists . This is what threw me off .. 
and i could not understand where i was doing what wrong ...

Any help appreciated

Thanks.

On Thursday, September 18, 2003, at 01:19  AM, Shapira, Yoav wrote:

Howdy,

all pages i do a checkAuthetication .. how do i check if the session 
is
active or not ? .. so that i can detect that and redirect them to the
Hmm... I would do this using attributes.  All attributes are unbound
when the session is invalidated.  So add an attribute to the session
when you authenticate people, and check for that attribute in your
pages.  If it's not present, redirect them to the authentication page.
Yoav Shapira



This e-mail, including any attachments, is a confidential business 
communication, and may contain information that is confidential, 
proprietary and/or privileged.  This e-mail is intended only for the 
individual(s) to whom it is addressed, and may not be saved, copied, 
printed, disclosed or used by anyone else.  If you are not the(an) 
intended recipient, please immediately delete this e-mail from your 
computer system and notify the sender.  Thank you.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]