Why Don't you use isNew() method for checking the new user? Regards RajamanI M
-----Original Message----- From: A mailing list for discussion about Sun Microsystem's Java Servlet API Technology. [mailto:[EMAIL PROTECTED] Behalf Of Ming Li Sent: Saturday, December 11, 2004 3:03 AM To: [EMAIL PROTECTED] Subject: Re: session timeout Thanks for the reply, Wei Cheng. Your solution works fine when the user's session has already been created. But if a user requests a secured web page immediately after his/her Web viewer is started, at that moment the user session has not been created yet, in this case, the authentication filter will capture the user's attempt and redirect the user to the timeout page, instead of the login page... On Fri, 10 Dec 2004 08:58:32 +0800, Wei Cheng <[EMAIL PROTECTED]> wrote: >Sessions have a lifespan of their own. >first prevent a new session from being created with > >HttpSession session = request.getSession(false); > >then you can check if the session exists . if it is null, it means the >session has timed out and had been destroyed . >You can then forward the page to somewhere else. > > if (session == null ) > { > RequestDispatcher rd = >request.getRequestDispatcher("some_servlet"); > rd.forward(request, response); > return; > } > >if you want the pages to automatically go somewhere when it times out, use >a javascript timer. >Best Regards, >Wei Cheng, Yeo >Software Engineer >--------------------------------------------------------------------------- ----------------- >Jebsen & Jessen Communications (S) Pte Ltd > > > > > >Ming <[EMAIL PROTECTED]> >Sent by: "A mailing list for discussion about Sun Microsystem's Java >Servlet API Technology." <[EMAIL PROTECTED]> >12/10/2004 05:53 AM >Please respond to "A mailing list for discussion about Sun Microsystem's >Java Servlet API Technology." > > > To: [EMAIL PROTECTED] > cc: > Subject: session timeout > > >I have a Web site which has some contents require user login to access. >I'd >like to redirect the user to a page displaying "session timed out" message >when the user's login session expired and redirect the user to the login >page when a user tries to access secured content (let's say he booked mark >a URL of secured content when he logged in last time) before login. I >tryed >to do this by creating an object, putting it in a user's session when the >user has been authenticated and checking the object's existance in a >filter. But this doesn't work, as in either case the object doesn't exist >- >either the object has not been created since the user has not logged in, >or, the session timed out and the object is unbound from the session. > >Any suggestions? > >Thanks. > >___________________________________________________________________________ >To unsubscribe, send email to [EMAIL PROTECTED] and include in the >body >of the message "signoff SERVLET-INTEREST". > >Archives: http://archives.java.sun.com/archives/servlet-interest.html >Resources: http://java.sun.com/products/servlet/external-resources.html >LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > > >----------------------------------------------------------------------- >This transmission which may contain confidential and / or privileged >information is intended solely for the named recipients. If this >transmission reached you by mistake, please notify us immediately >by responding to this e-mail and then delete it from your system. >----------------------------------------------------------------------- > >___________________________________________________________________________ >To unsubscribe, send email to [EMAIL PROTECTED] and include in the body >of the message "signoff SERVLET-INTEREST". > >Archives: http://archives.java.sun.com/archives/servlet-interest.html >Resources: http://java.sun.com/products/servlet/external-resources.html >LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
