• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 308
  • Last Modified:

Allocate new session after login authentication.(j2ee)

how do i issue a new session tracking cookie after user successfully authenticates to the application.
0
sunilramu
Asked:
sunilramu
  • 2
  • 2
  • 2
  • +1
2 Solutions
 
sunilramuAuthor Commented:
let me rephrase the question, can we change the jsessionid after authentication.
0
 
objectsCommented:
invalidate the session and create a new one
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
mukundha_expertCommented:
how r u tracking session??
by cookie or HTTPSession

if HttpSession then you can invalidate and create a new one
or use this page directive to stop creating the default session object '<%@ page session = “false” %>'

after authenticating create a new session.

if you are using cookies , then ceate a cookie after authenticatoin and add it to the response
0
 
sunilramuAuthor Commented:
i was able to allocate a new session with your help, is there anyway to make this secure ( a secure session)
0
 
objectsCommented:
what do u consider to be a secure session?
0
 
mukundha_expertCommented:
you can ensure the session secure by many ways like .. disabling the back option ( going back to previous page ) etc..

if the user logs out and tries to comeback to the previous page.. it should divert him to the login page,
like this there are many issues regarding secure session but these things you have to take care of using your code.. the Httpsession will not handle such scenorios
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now