Bala Suresh wrote:
> Hi,
>
> Is there a graceful way of checking whether a HttpSession has expired or
> not?
>
> In this context, I would like to let u know what I am doing right now.
>
> I have a bean that stores the session information in a hashtable. I create
> the hashtable in the bean by invoking its initialize method in my logon
> screen. In all the subsequent pages, the first thing I do is to check if the
> hashtable in the bean is null or not. If null, that means the bean instance
> that exists now has not been initialized and hence not the same one that was
> initialized in the logon screen. Hence the assumption is the session has
> expired in the intervening period, and the user has to be redirected to the
> logon screen.
>
Sounds like a reasonable approach to detecting that the previous session is gone.
>
> My jsp container is weblogic 4.5.1 which, while getting the bean instance,
> checks if the existing instance is null or not, if null creates a new
> instance by default.
>
> Here's my problem though...
>
> After the user is being redirected to the logon screen, instead of doing a
> proceed to reach the subsequent pages sequentially, the user might choose to
> press back button in the browser. In which case,my session expiry check in
> the bean fails as I have an active session now and those pages of mine which
> belonged to my older session would be invoked in the context of my new
> session, thus leading to null pointer exceptions while trying to access
> certain should-be-present attributes in the bean ... How to get around this
> problem?
>
How about modifying your login logic to only create the Hashtable after a
successful login (instead of just when the login page was accessed)? That way, if
the user goes back through the page history, your logic will redirect them --
because the old session ID that they ask for will not be valid, and your redirect
logic will catch it.
>
> Thanks in advance,
> B. Suresh
>
Craig McClanahan
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
