I look for a standard value (username) that should never get removed from the users session (until it either timesout, or they logout). I use this and attributeAdded to maintain a list, so I can tell who's "logged in" to my site.
public class SessionLister implements HttpSessionAttributeListener
{
public void attributeAdded(HttpSessionBindingEvent ev)
{
// add user to static list
if (ev.getName().equals("username")){
users.put(ev.getValue(), ev.getValue());
}
}public void attributeRemoved(HttpSessionBindingEvent ev)
{
if (ev.getName().equals("username")){
log.info("SESSION LOGGED OUT OR EXPIRED: "
+ ev.getName() + " = "
+ ev.getValue());
users.remove(ev.getValue());
}
}private HashMap getList(HttpSessionEvent hse)
{
HttpSession session = hse.getSession();
ServletContext context = session.getServletContext();
HashMap users = (HashMap)
context.getAttribute("com.app.userlist");
if (users == null)
{
users = new HashMap();
context.setAttribute("com.bzzagent.userlist", users);
}
return users;
}}
...then put this into your web.xml
<listener> <listener-class>com.app.SessionLister</listener-class> </listener>
...so you could use this to build and maintain a list of people who started the flow (put something in their session) and do something else with the user if they time out (decrement a counter, etc).
Hope this helps.
/kurt
[EMAIL PROTECTED] wrote:
We have done a similar thing with filter. You put a check in the filter to redirect to an error page if the session is not present in the request. this will also prevent a user to access the site without login in.
Filters however is only available with servlet 2.3
Brati Sankar Ghosh Tata Consultancy Services Mailto: [EMAIL PROTECTED] Website: http://www.tcs.com
*"Khalid K." <[EMAIL PROTECTED]>*
04/20/2004 07:13 AM Please respond to "Struts Users Mailing List" <[EMAIL PROTECTED]>
To "'Struts Users Mailing List'" <[EMAIL PROTECTED]> cc Subject RE: detecting session timeout
You can store an attribute in session when you initially start the session Subsquent checks for that attribute on EACH request will check if that Attribute doesn't exist...session has expired or they are not logged on etc.
Of course the key to this is to put a hook on RequestProcessor to run this snipt For each request...if you do this correctly...the request won't even make it to your action You can redirect them to whatever page you like...
We have similar code but we use Struts 1.0 so we have extended ActionServlet and have Written the processPreProcess() (I think..that is what the method is called..can't recall the actual name)
Khalid
-----Original Message----- From: Dean A. Hoover [mailto:[EMAIL PROTECTED] Sent: Monday, April 19, 2004 8:18 AM To: [EMAIL PROTECTED] Subject: detecting session timeout
Any suggestions on how to detect session timeouts? I am experimenting with extending TilesRequestProcessor (I'm using struts 1.1 and tiles). Here's an example of the kind of thing I would like to detect: I have a multipage registration process. Suppose a user gets halfway through and then goes away for some reason (lunch?). They come back and their session has timed out. This means that the data that was gathered and placed in the session on previous forms is gone. The validator framework then complains about missing data from the previous pages. I just want to put up a special page indicating that they took too long to register. I need this same basic session in a number of places, so I really need a general solution. Any ideas?
Dean Hoover
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.659 / Virus Database: 423 - Release Date: 4/15/2004
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.659 / Virus Database: 423 - Release Date: 4/15/2004
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
ForwardSourceID:NT0000584A
------------------------------------------------------------------------
DISCLAIMER: The information contained in this message is intended only and solely for the addressed individual or entity indicated in this message and for the exclusive use of the said addressed individual or entity indicated in this message (or responsible for delivery
of the message to such person) and may contain legally privileged and confidential information belonging to Tata Consultancy Services. It must not be printed, read, copied, disclosed, forwarded, distributed or used (in whatsoever manner) by any person other than the addressee. Unauthorized use, disclosure or copying is strictly prohibited and may constitute unlawful act and can possibly attract legal action, civil and/or criminal. The contents of this message need not necessarily reflect or endorse the views of Tata Consultancy Services on any subject matter.
Any action taken or omitted to be taken based on this message is entirely at your risk and neither the originator of this message nor Tata Consultancy Services takes any responsibility or liability towards the same. Opinions, conclusions and any other information contained in this message that do not relate to the official business of Tata Consultancy Services shall be understood as neither given nor endorsed by Tata Consultancy Services or any affiliate of Tata Consultancy Services. If you have received this message in error, you should destroy this message and may please notify the sender by e-mail. Thank you.
------------------------------------------------------------------------
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
