this will work for a logout... but what if the user is getting for the
first time to the site? He won't have a session, so it'll be a no-valid
session...
I think the best solution will be to attach the user to the session the
first time he logs in, then each time a request is made, check the user
name (stored as a session parameter) and see if it has the right id. In
the logout, the name is released from the session id, so if someones
tries to connect with that user name, will have to re-login.
On Wednesday, May 9, 2001, at 08:23 PM, Gokul Singh wrote:
> // notice that false will not create a new session id if a valid
> session is
> not attached with the request.
> HttpSession ses = theRequest.getSession(false);
> if(ses == null)
> {
> // no valid session..
> }
> else
> {
> // valid session...
> }
>
>
> Regds,
> Gokul
PS: thanks for the link to the archives!!! :-) I'll also try that...
Mike
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
