dimple
asked on
Session handling through HttpSessionListener in strut application
Hi All,
I have a struts application running on websphere 6.1. I would like to redirect login page when the session is destroyed because of inactivity.
I am planning to have a session listener class that implements the HttpSessionListener interface and is registered in the web.xml configuration.
I don't see any way to simple redirect in sessionDestroyed() as request object is not available.
Can it be possible that i will throw customized exception from the sessionDestroyed() method.
This exception would be defined as a global exception in the struts configuration xml and would map back to the login page of the application.
Any better suggestion for session handling is welcome other than above.
Thanks in advance,
Dimpal
I have a struts application running on websphere 6.1. I would like to redirect login page when the session is destroyed because of inactivity.
I am planning to have a session listener class that implements the HttpSessionListener interface and is registered in the web.xml configuration.
I don't see any way to simple redirect in sessionDestroyed() as request object is not available.
Can it be possible that i will throw customized exception from the sessionDestroyed() method.
This exception would be defined as a global exception in the struts configuration xml and would map back to the login page of the application.
Any better suggestion for session handling is welcome other than above.
Thanks in advance,
Dimpal
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi objects,
Thanks for your suggestion. I already mentioned in my original question that I don't see any way to simple redirect in sessionDestroyed() as request object is not available. Can you please give me code snap how can i redirect the loggin page from sessionDestroyed() .
Thanks,
Dimpal
Thanks for your suggestion. I already mentioned in my original question that I don't see any way to simple redirect in sessionDestroyed() as request object is not available. Can you please give me code snap how can i redirect the loggin page from sessionDestroyed() .
Thanks,
Dimpal
ASKER
Hi Murali,
Thanks for your suggestion. Application i am referring is already exist There are lot of action classes and to implement session checking in action class requires major code changes.
I am rather looking for any way which requires minimal effort for session handling, preciously without code changes in existing classes. The possible way can be either by using filter or HttpSessionListener . Can you have any other better way ?
Thanks,
Dimpal
Thanks for your suggestion. Application i am referring is already exist There are lot of action classes and to implement session checking in action class requires major code changes.
I am rather looking for any way which requires minimal effort for session handling, preciously without code changes in existing classes. The possible way can be either by using filter or HttpSessionListener . Can you have any other better way ?
Thanks,
Dimpal
> Thanks for your suggestion. I already mentioned in my original question that I don't see any way to simple redirect in sessionDestroyed() as request object is not available. Can you please give me code snap how can i redirect the loggin page from sessionDestroyed() .
as i said above you can't. Typically there will not even be a request.
as i said above you can't. Typically there will not even be a request.
I can think another solution using ajax if u don't want to modify ur code.
As soon as some one visit the page start a counter at the client side say for 30 minutes (default session expiry) in case u have set something below this then run the counter till that time. Once the time is reached give an ajax call to a servlet where it checks the session validity. if Session is invalid redirect to login page,probably u can show an alert to client and then redirect to the login page.
You can have this logic in a seperate jsp file and include them in all the other files. This way i hope u need not touch other existing classes.
-Murali*
As soon as some one visit the page start a counter at the client side say for 30 minutes (default session expiry) in case u have set something below this then run the counter till that time. Once the time is reached give an ajax call to a servlet where it checks the session validity. if Session is invalid redirect to login page,probably u can show an alert to client and then redirect to the login page.
You can have this logic in a seperate jsp file and include them in all the other files. This way i hope u need not touch other existing classes.
-Murali*
In ur action class extend the above class and as a first statement in the execute method call the isSessionValid() method. So if session is invalid it redirects to login page without much hassle...
-Murali*