Hi Cgriffith,
Thanks alot for your reply. Please find my reply inline, MARKED AS RED.
The flow should occur like this...
1 User A is on page 1
2 User A's session expires
3 Your session listener is invoked and does some majic to save the
session stored objects.
This is where the problem arises. We don't have any unique key here to
store session object. If I keep the userId as key, thats not right as the same
user can have multiple browsers open. Also I thought to keep Request object as
the key, but unfortunately that also won't work, as the complete request object
is changed. A new request is created (although the old parameters are kept but
not the attributes or other information). Thus there is no unique key to store
the session object. Also, if assume that somehow we manage to store the session
object, what abt the request attributes. There is no way to determine those
attributes. Page2 may expect lots of attributes in request and session to paint
the page.
4 User A requests page 2.
5 The container determines user A's is not authenticated/authorized
(becuase no Principal stored in session), stores the request (and all it's
contents) in new session, and forwards user to login page
Small correction, It stores only requets parameters not all its contents.
6 User authentciates/authorizes, a new session is created by container,
user is forward to original request page 2.
7 your session listener was invoked as part of step 6, which majically
restores session stored object.
Again the same problem of key
If this is not what is happening, please explain where it is going wrong.
And more importantly, how did you implement the majic?
Hope, u have now understood my problem. Now I got the impression that this is
something not possible and logical too. If u really want to implement this
scenario where the application flow should be maintained even after Session
time out, u should not keep any required information in Session or request
attributes. otherwise it doesn't seems to be possible to again store all
session/request attributes and put them into new session/request.
Please correct me, if u feel I am wrong.
regards,
Ashish
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3947250#3947250
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3947250
-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
