Exactly, I was about to write this solution. Yasir did a very clear
explanation. {:)
This is the way to go regarding session timeout checks, this is also how you
do it in ASP.
In the above case, the user can still use the back button but the moment he
presses any of the submit button(s), the server side will detect that
session has timed out and such, user will be redirected to your login page.
This is the usual behaviour
and as such, you don't have to do anything more.
But if you really need to get rid of the back button, meaning, the moment
user hits the back button, the page needs to check (on the client-side) if
session has timed out so that the page won't wait until the user clicks on
any of the submit buttons, then, you do need to write a JavaScript program.
In cases where developer wants to prevent user from typing in so many data
and then, after hitting the submit button, user will just find out that
session has timed out. Very ugly/frustrating scenario. {:(
A small piece of code that auto-submit whenever an 'onfocus' event on the
outermost table tag might do the trick. The recipient server side JSP should
do the solution mentioned below and then, the user will be redirected to the
login page if session has timedout or just do nothing if session hasn't
timed out so that user can continue what he wants to do.
Sample submit JavaScript code:
<table name=OutermostTable
onfocus="JavaScript:document.YourForm.submit();">...</table>
But then to reiterate once more, this is usually unneeded in most cases. So,
the solution mentioned down below is sufficient.
-gerardo
-----Original Message-----
From: A mailing list about Java Server Pages specification and reference
[mailto:[EMAIL PROTECTED]]On Behalf Of Yasir Feroze Minhas
Sent: Thursday, July 27, 2000 11:22 PM
To: [EMAIL PROTECTED]
Subject: Re: Session timeout
Hi there,
One sloution is javascript as explained by Suriya Narayan. The other is to
include a front component in every JSP page you are developing and when your
user log in , put a value say userid or sessionExist in the session object
and try to retrieve that value in your front component. If you get that
value it means everything is fine and session still exists. If you are
unable to get that value it means the session has expired and then take your
user to log in page. Here is a simple sample front component
FrontComponet.jsp
-------------------
<%
if (null == session.getValue("userId"))
response.sendRedirect("/login-user.jsp");
}
%>
----- Original Message -----
From: Raghavendra i Rao <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 26, 2000 8:18 AM
Subject: Session timeout
> How can I timeout a session using JSPs ?? i.e if the User is initially
logs into my web site and then is idle for 15 minutes I want to timeout his
sesion .After the timeout, if the User clicks on anything on the existing
page I want to redirect him to the Login page of the application. Also if
he goes back in the browser (Using the Back button) I do not want to allow
him to do that. I am quite new to JSP and hence any help will be highly
appreciated.
> Thanks in advance.
>
>
> _________________________________________________
> Get Your Free Email At, http://www.rediffmail.com
>
> Partcipate in crazy Re.1 auctions at http://www.rediff.com/auctions
>
>
===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
