-----------------------------
Please read the FAQ!
<http://java.apache.org/faq/>
-----------------------------

> basically, the session can get invalidated on the server in 2 ways:
> 1. it times out.
> 2. your code invalidates it ( when the user logs out or something).
>
> there is no way to distinguish between those ( at least no easy way). you
> could always maintain Sessions for the users on the server and instead of
> invalidating the session, set a flag or something in the session to mark it.

Ok, when it's a fact, that it is not possible to distinguish, I think I have to
set
another cookie on the client telling that he has logged out correctly. But it
would
be nicer if the SessionId-Cookie could be deleted within the invalidate-method
:-)

 Marcus.





--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Archives and Other:  <http://java.apache.org/main/mail.html>
Problems?:           [EMAIL PROTECTED]

Reply via email to