JDBCRealm - Session not timing out

2003-07-10 Thread Rick Roberts
Should my JDBCRealm login reset when the session times out? I have tried it in both Basic AUTH and Form AUTH. My session never times out. Actually, I'm not sure if session times out our not, (I have no session objects in this test app) but if it does time out, my JDBCRealm login does not know

Re: JDBCRealm - Session not timing out

2003-07-10 Thread Jacob Kjome
At 12:09 PM 7/10/2003 -0400, you wrote: Should my JDBCRealm login reset when the session times out? I have tried it in both Basic AUTH and Form AUTH. My session never times out. I'm not entirely sure about Form AUTH, but Basic AUTH doesn't use sessions. The browser caches the login information

RE: JDBCRealm - Session not timing out

2003-07-10 Thread Mike Curwen
: Thursday, July 10, 2003 11:16 AM To: Tomcat Users List Subject: Re: JDBCRealm - Session not timing out At 12:09 PM 7/10/2003 -0400, you wrote: Should my JDBCRealm login reset when the session times out? I have tried it in both Basic AUTH and Form AUTH. My session never times out. I'm

RE: JDBCRealm - Session not timing out

2003-07-10 Thread Jacob Kjome
- From: Jacob Kjome [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 11:16 AM To: Tomcat Users List Subject: Re: JDBCRealm - Session not timing out At 12:09 PM 7/10/2003 -0400, you wrote: Should my JDBCRealm login reset when the session times out? I have tried it in both Basic AUTH

RE: JDBCRealm - Session not timing out

2003-07-10 Thread Mike Curwen
-Original Message- From: Jacob Kjome [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 12:29 PM To: Tomcat Users List Subject: RE: JDBCRealm - Session not timing out Basic AUTH gets resent automatically, you'd just start them over with a new session. Don't make any

Re: JDBCRealm - Session not timing out

2003-07-10 Thread Rick Roberts
My application is now timing out correctly, using Form AUTH. Not sure why it would not do it earlier, unless it had something to do with me deleting everything out of the working directory before trying the test again. I will continue to test it and let you know what I see. --

Re: JDBCRealm - Session not timing out

2003-07-10 Thread Rick Roberts
I'm not entirely sure about Form AUTH, but Basic AUTH doesn't use sessions. The browser caches the login information provided and re-sends it on each request. So, there is no real time out for Basic AUTH. The only equivalent would be to close all open browsers. This deletes the cache of

RE: JDBCRealm - Session not timing out

2003-07-10 Thread Mike Curwen
where URL rewriting is *always* done (like iPlanet). -Original Message- From: Rick Roberts [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 12:56 PM To: Tomcat Users List Subject: Re: JDBCRealm - Session not timing out I'm not entirely sure about Form AUTH, but Basic AUTH

Re: JDBCRealm - Session not timing out

2003-07-10 Thread Rick Roberts
OK. I think that I have all the information I need to continue. When I run this piece of code: % session = request.getSession(); if( session.isNew() ) out.println( brNew Session ); else{ out.println( brUsing Old Session ); Enumeration enames = session.getAttributeNames();