Re: session expiried...

[Jonathan Eric Miller]

I'm using something similar to the following in my "SessionExpiredFilter". 
It checks the session ID provided by the browser (whether from the cookie or 
from URL rewriting) and if one is provided and it isn't valid, it redirects 
to a page that is provided as a configuration parameter to the filter. 
Initially, I had it doing a forward instead of a redirect, but, then I 
realized that it would skip any filters that come after that filter, so, I 
decided to make it do a redirect instead. The code I'm using is a little 
different than this because I have some tweaks in it so that it works with 
Tomcat integrated security and a separate login page that I have which is 
shared between applications.

public void doFilter(ServletRequest request, ServletResponse response, 
FilterChain chain) throws IOException, ServletException {
HttpServletRequest hsr = (HttpServletRequest)request;
HttpServletResponse hsr2 = (HttpServletResponse)response;
HttpSession hs = hsr.getSession();
if((hsr.getRequestedSessionId() != null && hsr.isRequestedSessionIdValid() 
== false)) {
String queryString = hsr.getQueryString();
hsr2.sendRedirect(page + (queryString == null ? "" : "?" + queryString));
}
else {
chain.doFilter(request, response);
}
}

Jon
----- Original Message ----- 
From: "Slawek" <[EMAIL PROTECTED]>
To: <myfaces-user@incubator.apache.org>
Sent: Wednesday, April 06, 2005 3:09 PM
Subject: session expiried...


hi again
one of my filter checks if user is logged. if not logged and not trying to 
acces to login.jsf than i redirect him to login page.

but when users session expried than its visit bean is empty so my filter 
redirects user to login.
thats make users a little confused;) so i must redirect them to page that 
say: "hi, too long not using system. click here to login again" or sth...

do u guys have somme "goog style" aproach to determine if user session has 
expired or is it just his first attempt to system??

slawek