Solved

session variables timing out

Posted on 2004-04-30
22
910 Views
Last Modified: 2010-04-01

My session variables seem to time out after a certain period of time, is there a way to set the time they can last?
How to redirect a user to jsp page when the session has timed out?
0
Comment
Question by:SuAeE
  • 11
  • 11
22 Comments
 
LVL 92

Expert Comment

by:objects
ID: 10965317
your container will probably have an option to set the timeout, check its doco.
0
 

Author Comment

by:SuAeE
ID: 10965340

Im kind of new to this, could you give me instructions to check this plz
0
 
LVL 92

Expert Comment

by:objects
ID: 10965368
what container are you using?
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:SuAeE
ID: 10965397

What is a container? im using tomcat 4.1
0
 
LVL 92

Expert Comment

by:objects
ID: 10965414
tomcat is a container :)

you can set the timeout in tomcats web.xml file:

<session-config>
   <session-timeout>60</session-timeout>
</session-config>
0
 

Author Comment

by:SuAeE
ID: 10965425

Very good, and how about redirecting when to a page when the session times out?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965441
if the session has timed out, then a new empty session will be created so you can test that.
0
 

Author Comment

by:SuAeE
ID: 10965447
What will the name of the session be? I mean something like?:

 if( session.getAttribute( "timmedout" ) == null )
    response.sendRedirect( "notloggedin.jsp" ) ;
0
 
LVL 92

Expert Comment

by:objects
ID: 10965454
no the session will be empty same as when they first load a page, so check for a variable that your code adds to it.
0
 

Author Comment

by:SuAeE
ID: 10965463

Im lost, i dont know what you mean, could you post code to explain it plz?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965466
i don't know how you are using the session so can't help with specific code.
But the redirect will be exactly the same as if the user was trying to load the page for the first time.
Do you currently redirect in this case?
0
 

Author Comment

by:SuAeE
ID: 10965470

>> so check for a variable that your code adds to it.

Could you explain this more clearly plz


0
 
LVL 92

Expert Comment

by:objects
ID: 10965480
what happens when a person currently loads this page for the first time?

what do you currently use the session for?
0
 

Author Comment

by:SuAeE
ID: 10965495

Im setting many session variable throughout the web app. The first session that is set is a "loggedin" session. Is this what you mean?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965509
yes so check if "loggedin" has been set in session.
0
 

Author Comment

by:SuAeE
ID: 10965517

Im checking for that already:

 if( session.getAttribute( "loggedin" ) == null )
    response.sendRedirect( "notloggedin.jsp" ) ;

Is this what you mean by set in session?
0
 

Author Comment

by:SuAeE
ID: 10965537

I want to check if the session timer limit has been reached and redirect aotomatically if it has
0
 
LVL 92

Expert Comment

by:objects
ID: 10965541
yes that is correct, so you don't need to add anything as you are already handling it.
0
 

Author Comment

by:SuAeE
ID: 10965550

Yes but what I ideally want is that if a user leaves his machine and the session variable times out there is automatic redirection to a "notlogged" page.
0
 
LVL 92

Accepted Solution

by:
objects earned 75 total points
ID: 10965563
you can't do that the session time out occurs on the server, the browser know nothing about it.
0
 

Author Comment

by:SuAeE
ID: 10965589

I know sites that do this, they must be running some code that checks the session every so often? Anyway if thats the case I couldnt be bothered doing it, thanks for the help
0
 
LVL 92

Expert Comment

by:objects
ID: 10965612
only way i can think of to achieve it is to run a timer of some description on the client.
I doubt they actually check whether the session has actually timed out or not.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some of the SEO trends we might expect in 2017.
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question