Re: session object is being dropped

Craig R. McClanahan Mon, 29 Nov 1999 16:28:04 -0800
There are a couple of embedded notes below that may or may not related to your
problem.

Nanduri Amarnath wrote:

> Hi ,
>      I am running JRun 2.3.3 on IIS4.0. I am facing a unique problem
>
> I create a session object in a Servlet LoginServlet ( after the user has
> successfully logged in ). This servlet redirects the user
> to a "MainJSP.jsp" page.  This page contains links to various JSP pages.  When a
> user enters every JSP page, this session object is checked for existance ( and
> if it exists then the user is allowed to view the contents of that particular
> page, else he will be kicked back to the LoginServlet ).
>
>  I am being shown  error1.html page if i keep the browser window inactive for
> more than 10 seconds....  In the Jrun admin i have set the session tracking
> variables for more than 1 hour...
>
> The way i go about doing it is as follows....
>
> LoginServlet :
> -------------------
>
>    public  void service( HttpServletRequest req, HttpServletResponse resp)
> throws ServletException , IOException
>   {
>    //      if user has successfully loggedin, then create a ssession object.....
>
>   Technician      tech  =  new Technician() ;
>
>     tech.setLoggedOn(true);
>     tech.setName(loginBean.getUser() ) ;
>     tech.setUserType(loginBean.getUserType() ) ;
>
>     // Put the Session back.. into the server
>     // Set the current user info for the session.
>     session.setMaxInactiveInterval(3600); //   1 hour

Are you sure that JRun uses seconds for this?  If they are milliseconds, this would
be 3.6 seconds.  Under any scenario, this overrides whatever default session length
you put in the JRun configuration.

>
>     session.putValue(Constants.TECHNICIAN,tech);
>
>     resp.sendRedirect( "/MainJSP.jsp") ;
>

I think I've heard about browser bug cases where the browser does not correctly deal
with cookies that are sent along with a redirect.  If the session ID cookie got
dropped, you'd see the symptoms you are experiencing.

Try using a RequestDispatcher.forward call like this instead:

    RequestDispatcher rd =
      getServletContext().getRequestDispatcher("/MainJSP.jsp");
    rd.forward(request, response);

(It will run slightly faster than the redirect as well, because it avoids the extra
round trip).

>   }
>
> SessionCheckJSP.jsp   // checks whether a session has already been created, and
> the user hasa valid login or not....
> ---------------------------------
>

Did you use session="true" in your <%@ page %> directive?

>
> <%
>      Technician  tech = (Technician)session.getValue(Constants.TECHNICIAN);
>      if(tech == null)   // no Technician ever exists
>        {
> %>
>        <jsp:forward page="/error1.html" />  // redirect user to the Error page
>       1
>
> <%     } else if(! tech.isLoggedOn() )   // user tried to access a jsp page
> illegally
>        {
> %>
>        <jsp:forward page="/error2.html" />  // redirect user to the Error page
>       2
>
> <%     } else
>        {
>         session.putValue(Constants.TECHNICIAN,tech);  // return the object back
> to the Hash Table
>        }

This step is not necessary -- the getValue() method does *not* remove it from the
session.  The Technician object will stay in the session until you remove it
yourself (HttpSession.removeValue()) or the session is invalidated or times out.

>
> %>
>
> MainJSP.jsp
> -------------------
>
> <%@ include file="/SessionCheckJSP.jsp" %>
>
> <jsp:include page="/LocObjectsJSP.jsp" flush="true"/>
>
> <html>
>
> <head>
> <title>Telecom Technician Main Page</title>
>
> </head>
>
> <frameset framespacing="0" border="0" rows="57,*" frameborder="0">
>   <frame name="banner" scrolling="no" noresize target="contents" src="top.htm">
>   <frameset cols="164,*">
>     <frame name="contents" target="main" src="MenuJSP.jsp" scrolling="auto">
>     <frame name="main"     target="_top" src="WelcomeJSP.jsp" scrolling="auto">
>   </frameset>
>   <noframes>
>   <body>
>
>   <p>This page uses frames, but your browser doesn't support them.</p>
>
>   </body>
>   </noframes>
> </frameset>
>
> </html>
>
> MenuJSP.jsp
> -------------------
>
> <%@ include file="/SessionCheckJSP.jsp" %>
> <html>
>
> <body>
>
>       <table border="0">
>         <tr>
>           <td width="100%"><a href="SelectWorkJSP.jsp"><img border="0"
> src="/telecom/images/select.gif" width="108" height="25"></a></td>
>         </tr>
> </body>
> </html>
>
> SelectWorkJSP.jsp
> ------------------------------
> <%@ include file="/SessionCheckJSP.jsp" %>
>
> .... some other jsp stuff..................
>

Craig McClanahan

===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
 http://java.sun.com/products/jsp/faq.html
 http://www.esperanto.org.nz/jsp/jspfaq.html
Re: session object is being dropped

Reply via email to
