@Christopher :
Thank you for your answer.
Christopher wrote:
>
> The new session created is completely empty. It has nothing to do with the
> user going back in the history, etc.
> No, you are right.
What I meant is that I was/am managing session expiration inside the Webapp
(for instance if the user clicks a button which is inside the Webapp and if
the session has expired, I redirect him to the log in page).
Christopher wrote:
>
> I always try to have enough information in the page (form) so that
> resuming a workflow after a session timeout is a possibility.
>
I'm sorry but I do not understand what you are explaining me here...
A SOLUTION... I THINK.
I have found a solution, here it is:
for all the JSPs which require a user to be identified (*), I add the
following code:
<%
ASessionAttribute aSessionAttribute = null;
HttpSession httpSession = null;
httpSession = request.getSession();
aSessionAttribute = (ASessionAttribute)
httpSession.getAttribute("aSessionAttribute");
if(aSessionAttribute == null)
{
response.sendRedirect("the-log-in-page.jsp");
}
%>
Then if a user presses the F5 key and if the session has expired, he is
properly redirected to the log in page.
Best regards,
--
Léa
(*) That is to say, in my example, the "aSessionAttribute" object musn't be
null.
--
View this message in context:
http://old.nabble.com/Session-expiration---browser--Web-application-tp32780678p32782585.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
