?
Solved

Allocate new session after login authentication.(j2ee)

Posted on 2006-07-07
9
Medium Priority
?
301 Views
Last Modified: 2013-11-24
how do i issue a new session tracking cookie after user successfully authenticates to the application.
0
Comment
Question by:sunilramu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
9 Comments
 
LVL 13

Expert Comment

by:Webstorm
ID: 17060445
0
 

Author Comment

by:sunilramu
ID: 17061550
let me rephrase the question, can we change the jsessionid after authentication.
0
 
LVL 92

Accepted Solution

by:
objects earned 1000 total points
ID: 17062884
invalidate the session and create a new one
0
Setting up LaraDock for Laravel

Learn how to set up LaraDock in a Laravel project - LaraDock gives us an easy way to run a Laravel application using Docker in a single command.

 
LVL 10

Assisted Solution

by:mukundha_expert
mukundha_expert earned 1000 total points
ID: 17064143
how r u tracking session??
by cookie or HTTPSession

if HttpSession then you can invalidate and create a new one
or use this page directive to stop creating the default session object '<%@ page session = “false” %>'

after authenticating create a new session.

if you are using cookies , then ceate a cookie after authenticatoin and add it to the response
0
 

Author Comment

by:sunilramu
ID: 17065144
i was able to allocate a new session with your help, is there anyway to make this secure ( a secure session)
0
 
LVL 92

Expert Comment

by:objects
ID: 17066519
what do u consider to be a secure session?
0
 
LVL 10

Expert Comment

by:mukundha_expert
ID: 17070582
you can ensure the session secure by many ways like .. disabling the back option ( going back to previous page ) etc..

if the user logs out and tries to comeback to the previous page.. it should divert him to the login page,
like this there are many issues regarding secure session but these things you have to take care of using your code.. the Httpsession will not handle such scenorios
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
In this post we will learn how to make Android Gesture Tutorial and give different functionality whenever a user Touch or Scroll android screen.
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.
Suggested Courses
Course of the Month12 days, 18 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question