![]() One of the things I tried was building a class called ApplicationController, which merely added logged in users to a hashtable. After numerous attempts, and numerous strategies, I've finally figured something out. I'll continue thinking about it though, but if you come up with something before, definitely come back here and post. but i really haven't been able to come up with much. My ideas have been along the lines of storing a cookie with some information on the client when they log in. I've been thinking about a creative solution around this for a while, and haven't come up with much. So how can you tell if the session has expired, the user has logged out, or the user has never been there before? And with JSP, the session variable is always available, and is created when you attempt to access it if it did not previously exist. When a session expires, the servlet container simply invalidates the session, having the same effect as calling invalidate(). My solution was to simply forward the user to the login page with a parameter to let the page know to display a message that said something like "Invalid password or session expired". I've been in the same situation before, but couldn't spend a whole lot of time dwelling on this problem. Has anyone else had a similar challenge? Without going into a huge ordeal explaining the pre-login app instantiation process, can anyone provide me with advice or creative ways to deal with this problem? So we need a way to distinguish wether we're dealing with an expired session, or one that hasn't even been instantiated yet. The symptom of this problem is that when the user attempts to hit any page in the app (including the login page) before logging in, they will always get redirected to an error page indicating the session has expired. However, our session checking class executes before the user has even logged in, because our application is run as an Oracle Portal partner application, and much code (including our session checking code) executes before a session has even begun. Our problem is this: our session checking class detects if a session variable is empty, and determines wether the session has expired and the user should login again. This is a follow up to a question I posted earlier. 1.7K Training / Learning / Certification. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |