[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

Allocate new session after login authentication.(j2ee)

how do i issue a new session tracking cookie after user successfully authenticates to the application.
0
sunilramu
Asked:
sunilramu
  • 2
  • 2
  • 2
  • +1
2 Solutions
 
sunilramuAuthor Commented:
let me rephrase the question, can we change the jsessionid after authentication.
0
 
objectsCommented:
invalidate the session and create a new one
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
mukundha_expertCommented:
how r u tracking session??
by cookie or HTTPSession

if HttpSession then you can invalidate and create a new one
or use this page directive to stop creating the default session object '<%@ page session = “false” %>'

after authenticating create a new session.

if you are using cookies , then ceate a cookie after authenticatoin and add it to the response
0
 
sunilramuAuthor Commented:
i was able to allocate a new session with your help, is there anyway to make this secure ( a secure session)
0
 
objectsCommented:
what do u consider to be a secure session?
0
 
mukundha_expertCommented:
you can ensure the session secure by many ways like .. disabling the back option ( going back to previous page ) etc..

if the user logs out and tries to comeback to the previous page.. it should divert him to the login page,
like this there are many issues regarding secure session but these things you have to take care of using your code.. the Httpsession will not handle such scenorios
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now