[Webware-discuss] Session timeouts

2004-03-19 Thread Aaron Switzer
I'm having a bit of an issue with session timeouts. It seems that the sessions are timing out regardless of whether or not the session has been accessed. A specific situation is with a call tracking system that I am developing internally for my employer. The user home page is set to refresh ever

RE: [Webware-discuss] Session timeouts

2003-02-18 Thread Geoffrey Talvola
Stuart Donaldson' > Cc: Chris Backas; WebWare Community > Subject: RE: [Webware-discuss] Session timeouts > > > I figured out the source of my confusion about the session expiration. > > In my testing, everything was working properly. After > session expiration, I >

RE: [Webware-discuss] Session timeouts

2003-02-18 Thread Geoffrey Talvola
I figured out the source of my confusion about the session expiration. In my testing, everything was working properly. After session expiration, I would get a new session ID and a fresh, clean session on the first request. It turns out that I was making that request after the session sweeper thr

RE: [Webware-discuss] Session timeouts

2003-02-17 Thread Geoffrey Talvola
Stuart Donaldson [mailto:[EMAIL PROTECTED]] wrote: > That is rather interesting. The SecureCountVisits page does > not check > for Application.createSessionForTransaction() as does the CountVisits page. > > It appears that when a session expires, the strategy is to call > Application.handleI

Re: [Webware-discuss] Session timeouts

2003-02-15 Thread Stuart Donaldson
Randall Randall wrote: Stuart Donaldson wrote: Probably what should happen, is that the SecureCountVisits example should be updated to include a check for isSessionExpired() and then display an expired sesion page. Shoudn't this be in SecurePage itself? Is it useful to

Re: [Webware-discuss] Session timeouts

2003-02-15 Thread Randall Randall
Stuart Donaldson wrote: > Probably what should happen, is that the SecureCountVisits example > should be updated to include a check for isSessionExpired() and then > display an expired sesion page. Shoudn't this be in SecurePage itself? Is it useful to have a page one only inherits to enforce lo

Re: [Webware-discuss] Session timeouts

2003-02-15 Thread Stuart Donaldson
That is rather interesting. The SecureCountVisits page does not check for isSessionExpired() as does the CountVisits page. It appears that when a session expires, the strategy is to call Application.handleInvalidSession() which basically removes the _SID_ reference so the browser will stop r

[Webware-discuss] Session timeouts

2003-02-14 Thread Chris Backas
Hello all, I've been having an interesting problem with dynamic session timeouts and the SecurePage skeleton provided by the examples. I've got a servlet hierarchy based on the SecurePage example to handle authentication. It generally works fine, but when the user leaves the session idle a l