[jboss-user] [JBoss Portal] - Manage the HttpSession

marimuthub Wed, 12 Dec 2007 05:30:10 -0800

Hi,

We have AuthenticationFilter for our application. Each request from any portal 
page of our application is going through AuthenticationFilter. 
We are getting forbidden error for the following scenario
Open new browser login to application using user name called âXâ. Login is 
success and user is directed to user home page. Close the browser
Open new browser login to application using user name called âYâ. Here we 
getting 
Forbidden error instead of redirecting to user home page


We are managing the HttpSession as follows for each scenario.

User Login:
=============
// To get the session
HttpSession session = request.getSession();
// To set any value
request.getSession().getServletContext().getContext("/portal")
                                        .setAttribute(key,value);
// Forward to user home page
RequestDispatcher rd = request.getSession().getServletContext()                 
.getContext("/portal").getRequestDispatcher(
                                                        resUrl.toString());

rd.forward(request, response);

Subsequent request after login :
========================
HttpSession session = req.getSession();


User logout:
============
// to remove any value
req.getSession().getServletContext().getContext("/portal")
                                .removeAttribute(key)
// to invalidate the session
req.getSession().invalidate();


Please help us to resolve the issue

Regards
Marimuthu


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4112254#4112254

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4112254

_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [JBoss Portal] - Manage the HttpSession

Reply via email to