struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Poon, Johnny" <>
Subject RE: How to differentiate between timed-out user and new user?
Date Wed, 09 Jul 2003 21:25:42 GMT
So when you say "persistent user repository", do you mean something that the
programmer manually store in the DB or is there some API that we can query
it on the web server?

-----Original Message-----
From: Paananen, Tero [mailto:Tero.Paananen@GTECH.COM]
Sent: Wednesday, July 09, 2003 4:11 PM
To: 'Struts Users Mailing List'
Subject: RE: How to differentiate between timed-out user and new user?

> I'm dealing with the issue of session timeout and I'm
> having trouble figuring out how I can tell when a user
> is making a request after their session has timed out.
> I'd like to present them with a message indicating that
> fact, rather than just assuming they're a new user and 
> sending them on to the login page.  Is there any way to 
> detect this?

Store the session ID the user is associated with
in the persistent user repository when the user
logs in. Clear it when the user logs out.

On every request, capture the session ID the browser
is sending you either as a cookie or a request parameter.

If the session has timed out, search the user repository
for the same session ID.

If you find one, you'll know the session has timed out
(user never logged out, so the session ID was not cleared).

If you don't find one (or there is no session ID sent
from the browser), it's a new user.


This email may contain confidential and privileged material for the sole use
of the intended recipient(s). Any review, use, retention, distribution or
disclosure by others is strictly prohibited. If you are not the intended
recipient (or authorized to receive for the recipient), please contact the
sender by reply email and delete all copies of this message.  Also, email is
susceptible to data corruption, interception, tampering, unauthorized
amendment and viruses. We only send and receive emails on the basis that we
are not liable for any such corruption, interception, tampering, amendment
or viruses or any consequence thereof.

To unsubscribe, e-mail:
For additional commands, e-mail:

This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message