Solved

Allocate new session after login authentication.(j2ee)

Posted on 2006-07-07
9
298 Views
Last Modified: 2013-11-24
how do i issue a new session tracking cookie after user successfully authenticates to the application.
0
Comment
Question by:sunilramu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
9 Comments
 
LVL 13

Expert Comment

by:Webstorm
ID: 17060445
0
 

Author Comment

by:sunilramu
ID: 17061550
let me rephrase the question, can we change the jsessionid after authentication.
0
 
LVL 92

Accepted Solution

by:
objects earned 250 total points
ID: 17062884
invalidate the session and create a new one
0
MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

 
LVL 10

Assisted Solution

by:mukundha_expert
mukundha_expert earned 250 total points
ID: 17064143
how r u tracking session??
by cookie or HTTPSession

if HttpSession then you can invalidate and create a new one
or use this page directive to stop creating the default session object '<%@ page session = “false” %>'

after authenticating create a new session.

if you are using cookies , then ceate a cookie after authenticatoin and add it to the response
0
 

Author Comment

by:sunilramu
ID: 17065144
i was able to allocate a new session with your help, is there anyway to make this secure ( a secure session)
0
 
LVL 92

Expert Comment

by:objects
ID: 17066519
what do u consider to be a secure session?
0
 
LVL 10

Expert Comment

by:mukundha_expert
ID: 17070582
you can ensure the session secure by many ways like .. disabling the back option ( going back to previous page ) etc..

if the user logs out and tries to comeback to the previous page.. it should divert him to the login page,
like this there are many issues regarding secure session but these things you have to take care of using your code.. the Httpsession will not handle such scenorios
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Unhandled exception type Exception 18 65
SequenceInputStream example 3 38
Website checklist for browser compatibility? 2 57
Java ArrayList and if statement 2 55
Java contains several comparison operators (e.g., <, <=, >, >=, ==, !=) that allow you to compare primitive values. However, these operators cannot be used to compare the contents of objects. Interface Comparable is used to allow objects of a cl…
Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.
Suggested Courses

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question