Hi Adrian,
Thanks for info. The filter is very powerful.
But I have not figure out how to tell the following two scenarios:
1. user access a page first time:
In the filter, httpRequest.getSession(false) ---> NULL
httpRequest.isRequestedSessionIdValid() ---> FALSE
httpRequest.isRequestedSessionIdValid() ---> FALSE
Can not call isNew() because the session is NULL.
2. user access a page after session expires
In the filter, will they have the same values?
Thanks for any more help.
Adrian Merrall <[EMAIL PROTECTED]> wrote:
Adrian Merrall <[EMAIL PROTECTED]> wrote:
Dave,
I presume you mean the container has expired the session? You should
use a filter.
You can then use the methods on the HttpServletRequest to see if the
sesion is valid and then the isNew() on the session itself to see if
it is a new session. You can then send them to your login page or
anywhere else if you don't want to go further or chain.doFilter to
carry on.
HTH
Adrian
On 9/26/05, Dave <[EMAIL PROTECTED]>wrote:
> How to identify expired session so that I can show a message to tell user
> that session is expired and need to login in again? If I check if session is
> null, I can not tell whether the session has not been created or expired.
> All data are kept in session scope, if a session is expired, all data lost.
> So I can not tell if the user has ever logged in. In JSF, wha t is the best
> way to do this? Thanks for help.
>
> ________________________________
> Yahoo! for Good
> Click here to donate to the Hurricane Katrina relief effort.
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
