You are doing nothing wrong... Tomcat will persist sessions between restarts. To check your code works correctly, don't restart Tomcat... close your browser window and start a new instance of the browser (or let the session time out in a single browser).
> -----Original Message----- > From: Mufaddal Khumri [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 17, 2003 2:53 AM > To: Tomcat Users List > Cc: [EMAIL PROTECTED] > Subject: Re: cleaning up sessions ... > > > Exactly. I have a session attribute in my session that i set > to true . > and if that session attribute is not present or is false i redirect > them to the authentication page. > > I did the following to my server.xml : > > <Manager className="org.apache.catalina.session.PersistentManager" > debug="0" > saveOnRestart="false" > maxActiveSessions="-1" > minIdleSwap="-1" > maxIdleSwap="-1" > maxIdleBackup="-1"> > <Store > className="org.apache.catalina.session.FileStore"/> > </Manager> > > Now i go to the tomcat manager and reload my webapp . I am > navigating > the webapp in a browser when this happens (ie i am currently a user > using a valid session ) .. after the webapp reloads ... i continue > using the webapp by clicking on say a link ... which takes me to some > other jsp page ... i do a check on top of this jsp page for this > "attribute" ... and it still persists . This is what threw me off .. > and i could not understand where i was doing what wrong ... > > Any help appreciated > > Thanks. > > On Thursday, September 18, 2003, at 01:19 AM, Shapira, Yoav wrote: > > > > > Howdy, > > > >> all pages i do a checkAuthetication .. how do i check if > the session > >> is > >> active or not ? .. so that i can detect that and redirect > them to the > > > > Hmm... I would do this using attributes. All attributes > are unbound > > when the session is invalidated. So add an attribute to > the session > > when you authenticate people, and check for that attribute in your > > pages. If it's not present, redirect them to the > authentication page. > > > > Yoav Shapira > > > > > > > > This e-mail, including any attachments, is a confidential business > > communication, and may contain information that is confidential, > > proprietary and/or privileged. This e-mail is intended > only for the > > individual(s) to whom it is addressed, and may not be > saved, copied, > > printed, disclosed or used by anyone else. If you are not the(an) > > intended recipient, please immediately delete this e-mail from your > > computer system and notify the sender. Thank you. > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
