(assuming your session timeout is 20 minutes)
<meta http-equiv="refresh" content="1200;/">
You should be handling invalid/expired session state in your application and by using the above technique, it will work universally, whether you are managing sessions from your actions, CMS, or some other service outside of the conatiner, such as a product like SiteMinder by Netegrity.
This will _force_ the browser to do a refresh of the page after 1200 seconds (20 minutes), which will allow your app to handle the request (from a now expired session) the same as it would if the user had initiated the request giving a hint of being on a rich client where such events are easily handled.
-- James Mitchell Software Engineer / Open Source Evangelist Consulting / Mentoring / Freelance EdgeTech, Inc. http://www.edgetechservices.net/ 678.910.8017 AIM: jmitchtx Yahoo: jmitchtx MSN: [EMAIL PROTECTED]
----- Original Message ----- From: "Adam Lipscombe" <[EMAIL PROTECTED]>
To: "'Struts Users Mailing List'" <user@struts.apache.org>
Sent: Thursday, May 12, 2005 6:19 AM
Subject: Best practice for redirecting on session timeout?
Folks,
I there a standard way of handling session timeouts. If a user has been inactive for longer than N minutes I want to redirect them to the login page.
It occurs to me that this could be done in a) the RequestProcessor or b) in
an JSP include.
Is there another way? What is best practice?
TIA - Adam
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
