Solved

session variables timing out

Posted on 2004-04-30
22
909 Views
Last Modified: 2010-04-01

My session variables seem to time out after a certain period of time, is there a way to set the time they can last?
How to redirect a user to jsp page when the session has timed out?
0
Comment
Question by:SuAeE
  • 11
  • 11
22 Comments
 
LVL 92

Expert Comment

by:objects
ID: 10965317
your container will probably have an option to set the timeout, check its doco.
0
 

Author Comment

by:SuAeE
ID: 10965340

Im kind of new to this, could you give me instructions to check this plz
0
 
LVL 92

Expert Comment

by:objects
ID: 10965368
what container are you using?
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:SuAeE
ID: 10965397

What is a container? im using tomcat 4.1
0
 
LVL 92

Expert Comment

by:objects
ID: 10965414
tomcat is a container :)

you can set the timeout in tomcats web.xml file:

<session-config>
   <session-timeout>60</session-timeout>
</session-config>
0
 

Author Comment

by:SuAeE
ID: 10965425

Very good, and how about redirecting when to a page when the session times out?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965441
if the session has timed out, then a new empty session will be created so you can test that.
0
 

Author Comment

by:SuAeE
ID: 10965447
What will the name of the session be? I mean something like?:

 if( session.getAttribute( "timmedout" ) == null )
    response.sendRedirect( "notloggedin.jsp" ) ;
0
 
LVL 92

Expert Comment

by:objects
ID: 10965454
no the session will be empty same as when they first load a page, so check for a variable that your code adds to it.
0
 

Author Comment

by:SuAeE
ID: 10965463

Im lost, i dont know what you mean, could you post code to explain it plz?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965466
i don't know how you are using the session so can't help with specific code.
But the redirect will be exactly the same as if the user was trying to load the page for the first time.
Do you currently redirect in this case?
0
 

Author Comment

by:SuAeE
ID: 10965470

>> so check for a variable that your code adds to it.

Could you explain this more clearly plz


0
 
LVL 92

Expert Comment

by:objects
ID: 10965480
what happens when a person currently loads this page for the first time?

what do you currently use the session for?
0
 

Author Comment

by:SuAeE
ID: 10965495

Im setting many session variable throughout the web app. The first session that is set is a "loggedin" session. Is this what you mean?
0
 
LVL 92

Expert Comment

by:objects
ID: 10965509
yes so check if "loggedin" has been set in session.
0
 

Author Comment

by:SuAeE
ID: 10965517

Im checking for that already:

 if( session.getAttribute( "loggedin" ) == null )
    response.sendRedirect( "notloggedin.jsp" ) ;

Is this what you mean by set in session?
0
 

Author Comment

by:SuAeE
ID: 10965537

I want to check if the session timer limit has been reached and redirect aotomatically if it has
0
 
LVL 92

Expert Comment

by:objects
ID: 10965541
yes that is correct, so you don't need to add anything as you are already handling it.
0
 

Author Comment

by:SuAeE
ID: 10965550

Yes but what I ideally want is that if a user leaves his machine and the session variable times out there is automatic redirection to a "notlogged" page.
0
 
LVL 92

Accepted Solution

by:
objects earned 75 total points
ID: 10965563
you can't do that the session time out occurs on the server, the browser know nothing about it.
0
 

Author Comment

by:SuAeE
ID: 10965589

I know sites that do this, they must be running some code that checks the session every so often? Anyway if thats the case I couldnt be bothered doing it, thanks for the help
0
 
LVL 92

Expert Comment

by:objects
ID: 10965612
only way i can think of to achieve it is to run a timer of some description on the client.
I doubt they actually check whether the session has actually timed out or not.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question