In most cases, this is true ... but I think everyone can agree that there is nothing more frustrating than filling out some web-based form with lots of information (takes a long time to complete), attempting to submit, running into a session timeout, and not being able to get back to the screen to retrieve the information. Although not necessarily elegant, running a javascript timer can certainly help avoid this in certain situations and alert the user to pending problems before they happen.
justin At 10:53 AM 8/29/2002, you wrote: >Does it matter when the redirect is done? If the user sits on the page >without the session being valid where's the problem with that? You >just want to make sure that they are valid when the pages that are >secured are being accessed. > >--mikej >-=----- >mike jackson >[EMAIL PROTECTED] > > > -----Original Message----- > > From: Srinadh Karumuri [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, August 29, 2002 10:35 AM > > To: Tomcat Users List > > Subject: RE: Log out Screen > > > > > > This redirection works only when user submits a form (when server is hit). > > We cannot do automatic redirection using only Java. > > > > Other alternatives are: > > 1. Use Javascript and have a timer (set value as > > request.getSession().getMaxInactiveInterval()) to redirect the page > > automatically. > > 2. Use browser's META as below > > <META HTTP-EQUIV=Refresh > > CONTENT="<%= request.getSession().getMaxInactiveInterval() %>; > > URL=/jsp/login.jsp;"> > > > > -Sri > > > > At 12:54 PM 8/29/2002, Mike Jackson wrote: > > >That works, but I'd use a servlet to manage all page accesses and a > > >request dispatcher so that the user's machine doesn't know that it's > > >been redirected. > > > > > >--mikej > > >-=----- > > >mike jackson > > >[EMAIL PROTECTED] > > > > > > > -----Original Message----- > > > > From: Dan Lipofsky [mailto:[EMAIL PROTECTED]] > > > > Sent: Thursday, August 29, 2002 9:48 AM > > > > To: Tomcat Users List > > > > Subject: Re: Log out Screen > > > > > > > > > > > > Set the timeout in web.xml inside the <web-app> tags like this > > > > <session-config> > > > > <session-timeout> > > > > 720 <!-- 720 minutes = 12 hrs --> > > > > </session-timeout> > > > > </session-config> > > > > > > > > To check for the timeout, store something in the session > > > > when they log in, like this > > > > session.putValue(StringConstants.USER_DATA,userInfo); > > > > and then check it on each page like this > > > > if (session.getValue(StringConstants.USER_DATA) == null) { > > > > // redirect > > > > } > > > > > > > > - Dan > > > > > > > > > Where is the session time out set? and how do I redirect it to a > > > > > logout page once the session times out? > > > > > > > > > > > > > > > > -- > > > > To unsubscribe, e-mail: > > ><mailto:[EMAIL PROTECTED]> > > >For additional commands, e-mail: > > ><mailto:[EMAIL PROTECTED]> > > > > > > > > > > > > > > >-- > > >To unsubscribe, e-mail: ><mailto:[EMAIL PROTECTED]> > >For additional commands, e-mail: ><mailto:[EMAIL PROTECTED]> > > >-- >To unsubscribe, e-mail: ><mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: ><mailto:[EMAIL PROTECTED]> > > > > >-- >To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
