Solved

session variables timing out

Posted on 2004-04-30
22
907 Views
Last Modified: 2010-04-01

My session variables seem to time out after a certain period of time, is there a way to set the time they can last?
How to redirect a user to jsp page when the session has timed out?
0
Comment
Question by:SuAeE
  • 11
  • 11
22 Comments
 
LVL 92

Expert Comment

by:objects
ID: 10965317
your container will probably have an option to set the timeout, check its doco.
0
 

Author Comment

by:SuAeE
ID: 10965340

Im kind of new to this, could you give me instructions to check this plz
0
 
LVL 92

Expert Comment

by:objects
ID: 10965368
what container are you using?
0
 

Author Comment

by:SuAeE
ID: 10965397

What is a container? im using tomcat 4.1
0
 
LVL 92

Expert Comment

by:objects
ID: 10965414
tomcat is a container :)

you can set the timeout in tomcats web.xml file:

<session-config>
   <session-timeout>60</session-timeout>
</session-config>
0
 

Author Comment

by:SuAeE
ID: 10965425

Very good, and how about redirecting when to a page when the session times out?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965441
if the session has timed out, then a new empty session will be created so you can test that.
0
 

Author Comment

by:SuAeE
ID: 10965447
What will the name of the session be? I mean something like?:

 if( session.getAttribute( "timmedout" ) == null )
    response.sendRedirect( "notloggedin.jsp" ) ;
0
 
LVL 92

Expert Comment

by:objects
ID: 10965454
no the session will be empty same as when they first load a page, so check for a variable that your code adds to it.
0
 

Author Comment

by:SuAeE
ID: 10965463

Im lost, i dont know what you mean, could you post code to explain it plz?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965466
i don't know how you are using the session so can't help with specific code.
But the redirect will be exactly the same as if the user was trying to load the page for the first time.
Do you currently redirect in this case?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:SuAeE
ID: 10965470

>> so check for a variable that your code adds to it.

Could you explain this more clearly plz


0
 
LVL 92

Expert Comment

by:objects
ID: 10965480
what happens when a person currently loads this page for the first time?

what do you currently use the session for?
0
 

Author Comment

by:SuAeE
ID: 10965495

Im setting many session variable throughout the web app. The first session that is set is a "loggedin" session. Is this what you mean?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965509
yes so check if "loggedin" has been set in session.
0
 

Author Comment

by:SuAeE
ID: 10965517

Im checking for that already:

 if( session.getAttribute( "loggedin" ) == null )
    response.sendRedirect( "notloggedin.jsp" ) ;

Is this what you mean by set in session?
0
 

Author Comment

by:SuAeE
ID: 10965537

I want to check if the session timer limit has been reached and redirect aotomatically if it has
0
 
LVL 92

Expert Comment

by:objects
ID: 10965541
yes that is correct, so you don't need to add anything as you are already handling it.
0
 

Author Comment

by:SuAeE
ID: 10965550

Yes but what I ideally want is that if a user leaves his machine and the session variable times out there is automatic redirection to a "notlogged" page.
0
 
LVL 92

Accepted Solution

by:
objects earned 75 total points
ID: 10965563
you can't do that the session time out occurs on the server, the browser know nothing about it.
0
 

Author Comment

by:SuAeE
ID: 10965589

I know sites that do this, they must be running some code that checks the session every so often? Anyway if thats the case I couldnt be bothered doing it, thanks for the help
0
 
LVL 92

Expert Comment

by:objects
ID: 10965612
only way i can think of to achieve it is to run a timer of some description on the client.
I doubt they actually check whether the session has actually timed out or not.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
html form inside div 3 91
password protect pdf 11 74
equalIsNot  challenge 43 134
I get error: useBean: Duplicate bean name: {0} 1 124
There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
Cloud-based technologies and services will continue to grow in popularity in 2017 thanks to the simple, scalable and cost-effective solutions they deliver. Here are three areas where cloud adoption is poised to really take off.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now