HI I think Christopher is right. Popping up the user is not that much useful. I think it is good that you directly redirect the user to login page, if set session time out value expires on server site with Session time out error message.
Here I have Q for Chirstopher : Christopher below is some text from your post " J2EE authorization mechanism is designed to allow you to pick up where you left off if your session times out(because it remembers the page you were trying to access after you login). ". Can you please put some light on this one? I don't find any thing in session api which actually does the what you are session. Nitin -----Original Message----- From: Christopher Schultz [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 21, 2006 12:39 PM To: Struts Users Mailing List Subject: Re: session maintenance in struts webapp -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Richard, Gundersen, Richard wrote: > In the JavaScript, you could just do a simple loop that counts down from > <session-timeout>....zero. When the loop gets to within e.g. 60 seconds > from zero, pop up your message. You don't want to do this. You want to use "setTimeout", which allows you to schedule a bit of code to be run after a certain interval. My bank does this, and I hate it. After a few minutes, it says "you are about to be logged out, click OK to stay logged-in". It does this with a javascript alert and more than half the time, my session times out before I bother to click either "Ok" or "Cancel". I find this to be a completely worthless feature, especially because the J2EE authorization mechanism is designed to allow you to pick up where you left off if your session times out (because it remembers the page you were trying to access after you login). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFY2Pa9CaO5/Lv0PARAobAAKCzo9aYwW+hZFKU8T9TW7kUgtxrvwCfbFk5 zr4fqqpJ4eqP/YMpV8GGxSI= =MJwc -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]