Solved

Allocate new session after login authentication.(j2ee)

Posted on 2006-07-07
9
297 Views
Last Modified: 2013-11-24
how do i issue a new session tracking cookie after user successfully authenticates to the application.
0
Comment
Question by:sunilramu
  • 2
  • 2
  • 2
  • +1
9 Comments
 
LVL 13

Expert Comment

by:Webstorm
ID: 17060445
0
 

Author Comment

by:sunilramu
ID: 17061550
let me rephrase the question, can we change the jsessionid after authentication.
0
 
LVL 92

Accepted Solution

by:
objects earned 250 total points
ID: 17062884
invalidate the session and create a new one
0
How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

 
LVL 10

Assisted Solution

by:mukundha_expert
mukundha_expert earned 250 total points
ID: 17064143
how r u tracking session??
by cookie or HTTPSession

if HttpSession then you can invalidate and create a new one
or use this page directive to stop creating the default session object '<%@ page session = “false” %>'

after authenticating create a new session.

if you are using cookies , then ceate a cookie after authenticatoin and add it to the response
0
 

Author Comment

by:sunilramu
ID: 17065144
i was able to allocate a new session with your help, is there anyway to make this secure ( a secure session)
0
 
LVL 92

Expert Comment

by:objects
ID: 17066519
what do u consider to be a secure session?
0
 
LVL 10

Expert Comment

by:mukundha_expert
ID: 17070582
you can ensure the session secure by many ways like .. disabling the back option ( going back to previous page ) etc..

if the user logs out and tries to comeback to the previous page.. it should divert him to the login page,
like this there are many issues regarding secure session but these things you have to take care of using your code.. the Httpsession will not handle such scenorios
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
numbers ascending pyramid 101 214
servlet example 17 53
Delete Android all or certain applications data programmatically 9 77
how to debug htl and js pages 8 39
An old method to applying the Singleton pattern in your Java code is to check if a static instance, defined in the same class that needs to be instantiated once and only once, is null and then create a new instance; otherwise, the pre-existing insta…
Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
The viewer will learn how to implement Singleton Design Pattern in Java.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question