But in the two scenarios I described in my previous message, the session does not exists, checking isNew() will only throw NullPointerException or IllegalStateException.
On Sat, 11 Dec 2004 09:52:59 +0530, Rajamani M <[EMAIL PROTECTED]> wrote: >Why Don't you use isNew() method for checking the new user? > >Regards >RajamanI M > >-----Original Message----- >From: A mailing list for discussion about Sun Microsystem's Java Servlet >API Technology. [mailto:[EMAIL PROTECTED] Behalf Of Ming >Li >Sent: Saturday, December 11, 2004 3:03 AM >To: [EMAIL PROTECTED] >Subject: Re: session timeout > > >Thanks for the reply, Wei Cheng. Your solution works fine when the user's >session has already been created. But if a user requests a secured web page >immediately after his/her Web viewer is started, at that moment the user >session has not been created yet, in this case, the authentication filter >will capture the user's attempt and redirect the user to the timeout page, >instead of the login page... > >On Fri, 10 Dec 2004 08:58:32 +0800, Wei Cheng <[EMAIL PROTECTED]> >wrote: > >>Sessions have a lifespan of their own. >>first prevent a new session from being created with >> >>HttpSession session = request.getSession(false); >> >>then you can check if the session exists . if it is null, it means the >>session has timed out and had been destroyed . >>You can then forward the page to somewhere else. >> >> if (session == null ) >> { >> RequestDispatcher rd = >>request.getRequestDispatcher("some_servlet"); >> rd.forward(request, response); >> return; >> } >> >>if you want the pages to automatically go somewhere when it times out, use >>a javascript timer. >>Best Regards, >>Wei Cheng, Yeo >>Software Engineer >>-------------------------------------------------------------------------- - >----------------- >>Jebsen & Jessen Communications (S) Pte Ltd >> >> >> >> >> >>Ming <[EMAIL PROTECTED]> >>Sent by: "A mailing list for discussion about Sun Microsystem's Java >>Servlet API Technology." <[EMAIL PROTECTED]> >>12/10/2004 05:53 AM >>Please respond to "A mailing list for discussion about Sun Microsystem's >>Java Servlet API Technology." >> >> >> To: [EMAIL PROTECTED] >> cc: >> Subject: session timeout >> >> >>I have a Web site which has some contents require user login to access. >>I'd >>like to redirect the user to a page displaying "session timed out" message >>when the user's login session expired and redirect the user to the login >>page when a user tries to access secured content (let's say he booked mark >>a URL of secured content when he logged in last time) before login. I >>tryed >>to do this by creating an object, putting it in a user's session when the >>user has been authenticated and checking the object's existance in a >>filter. But this doesn't work, as in either case the object doesn't exist >>- >>either the object has not been created since the user has not logged in, >>or, the session timed out and the object is unbound from the session. >> >>Any suggestions? >> >>Thanks. >> >>__________________________________________________________________________ _ >>To unsubscribe, send email to [EMAIL PROTECTED] and include in the >>body >>of the message "signoff SERVLET-INTEREST". >> >>Archives: http://archives.java.sun.com/archives/servlet-interest.html >>Resources: http://java.sun.com/products/servlet/external-resources.html >>LISTSERV Help: http://www.lsoft.com/manuals/user/user.html >> >> >> >>----------------------------------------------------------------------- >>This transmission which may contain confidential and / or privileged >>information is intended solely for the named recipients. If this >>transmission reached you by mistake, please notify us immediately >>by responding to this e-mail and then delete it from your system. >>----------------------------------------------------------------------- >> >>__________________________________________________________________________ _ >>To unsubscribe, send email to [EMAIL PROTECTED] and include in the body >>of the message "signoff SERVLET-INTEREST". >> >>Archives: http://archives.java.sun.com/archives/servlet-interest.html >>Resources: http://java.sun.com/products/servlet/external-resources.html >>LISTSERV Help: http://www.lsoft.com/manuals/user/user.html >> >> > >___________________________________________________________________________ >To unsubscribe, send email to [EMAIL PROTECTED] and include in the body >of the message "signoff SERVLET-INTEREST". > >Archives: http://archives.java.sun.com/archives/servlet-interest.html >Resources: http://java.sun.com/products/servlet/external-resources.html >LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > >___________________________________________________________________________ >To unsubscribe, send email to [EMAIL PROTECTED] and include in the body >of the message "signoff SERVLET-INTEREST". > >Archives: http://archives.java.sun.com/archives/servlet-interest.html >Resources: http://java.sun.com/products/servlet/external-resources.html >LISTSERV Help: http://www.lsoft.com/manuals/user/user.html ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html