Yes, you'd want to have an up-front check for expired sessions on each
request. There are various ways to achieve that; you could have a base
action which does the check, use a filter, or customize the Struts
request procession life-cycle (using a custom request processor
implementation or modified chain config, depending on what version of
Struts you're targeting).
L.
Givler, Eric wrote:
Do you generally put any session related expiry code in a base action class so you can forward prior to calling your execute() method in the action if the session is no longer "active"?
That is, I really wouldn't want any of the action class code running, and
currently the application I'm working on was Model 1 which routed to a
Logout.jsp when the session information was missing. I'm in the process of
rewriting it. Since the action is firing before the JSP, I can see where it
might execute something and not get trapped until it hits the JSP. [Like save
a record w/o putting in the user's information which was maintained in the
session and now we don't know who changed the record.]
Am I missing the boat here? (this if my first Struts project)
-----Original Message-----
From: news [mailto:[EMAIL PROTECTED] Behalf Of Laurie Harper
Sent: Friday, July 28, 2006 3:40 PM
To: user@struts.apache.org
Subject: Re: Session Tracking
Importance: High
You only need to do that if you need to take some action on session
expiry; the servlet container will take care of calling
session.invalidate() for you automatically.
L.
Patil, Sheetal wrote:
Create an listener and configure it in your web.xml
<listener>
<listener-class>org.Application.SessionCounterListener</listener-class>
</listener>
public class SessionCounterListener implements HttpSessionListener
{
/**
* this method is automcatically called when a session is created
with the site
*/
public void sessionCreated( HttpSessionEvent httpSessionEvent )
{
}
/**
* this method is called when a session is destroyed
*/
public void sessionDestroyed( HttpSessionEvent httpSessionEvent )
{
}
}
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 4:02 PM
To: user@struts.apache.org
Subject: RE: Session Tracking
Hi All,
What code do I explicit need to write to be able to call
session.invalidate() when the session timeout happens ?
For eg
1) I have opened a window
2) Timeout is set to 5 mins.
3) There is no activity on the browser for 5 mins
How will my application get to know that I need to call
session.invalidate() for this session?
Do I need to write listener classes? Can anyone post a code snippet?
Thanks
Prerna
-----Original Message-----
From: Patil, Sheetal [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 11:28 AM
To: Struts Users Mailing List
Subject: RE: Session Tracking
As I know session timeout value is used, if for that perticular time if
user is inactive then distroy the session.
And as close window dosen't contact with server you can't track it
(preferably use session timeout) or
use ajax and send distroy request to server on pageclose event if
possible
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, July 28, 2006 11:11 AM
To: user@struts.apache.org
Subject: Session Tracking
H All,
I am using struts framework and tomcat as the webserver. I want to
implement session tracking and explicitly expire the session after a
fixed period of inactivity.
So the session needs to expire in the following scenarios
1) User clicks on Logout on JSP page ( Can this be achieved by
explicitly doing session.invalidate() ?)
2) User clicks on the close button on window
3) The session is inactive for lets say 5 mins
4) The session timeout ( depending on the value set in web.xml)
Can you tell me the best design approach to handle this? Should I take
care of all in a class which extends ActionServlet?
Regards
Prerna
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
