Yes, but this doesn't add the timeout. I guess I could add this in the session
validator?
Would (pseudo)
if session.isNew
setExpiryTime
work in the session validator?
Gareth
> -----Original Message-----
> From: Jon Stevens [mailto:[EMAIL PROTECTED]]
> Sent: Monday, September 17, 2001 18:52
> To: turbine-dev
> Subject: Re: Removing redirect behaviour
>
>
> on 9/17/01 4:49 AM, "Gareth Coltman"
> <[EMAIL PROTECTED]> wrote:
>
> > Hi,
> >
> > Can anybody give me a good reason why I should NOT remove
> the first access
> > redirect behaviour from my version of turbine? This is
> > where a new request is immediately redirected back to the
> same page, adding
> > redirected=true into the parameters. The only useful bit
> > of functionality encapsulated in this section of code is
> setting the session
> > timeout. I am planning to edit Turbine.java to set
> > Session Timeout if data.getSession.isNew() with no other
> conditions. I just
> > can't understand what it is for.... Sorry.
> >
> > I have a vague recollection that this weird behaviour was
> to fix a mozzila
> > bug... Or is it to stop a DOS attack.... Can anybody shed
> > any light on this?
> >
> > Gareth
>
> You can remove it by creating a SessionValidator and
> returning false from
> the requiresNewSession() method.
>
> -jon
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
