struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shahak Nagiel <snag...@yahoo.com>
Subject Re: Session Expiration Handling
Date Wed, 09 May 2007 15:59:21 GMT
I've implemented a similar authenticator (which I called AuthenticationInterceptor, since it's
verifying the user has been authenticated).  The easiest way to handle this is to simply put
some object in the HttpSession once the user is authenticated at login time, such as a User
object.  If that object isn't in session, you can assume either they haven't yet logged on
or the session has expired (which are both really the same scenario anyway).


----- Original Message ----
From: "meissa.sakho@investorservicing.natixis.fr" <meissa.sakho@investorservicing.natixis.fr>
To: user@struts.apache.org
Sent: Wednesday, May 9, 2007 11:14:20 AM
Subject: Session Expiration Handling

Depuis le 21 décembre 2006, Natexis Investor Servicing s'appelle Natixis Investor Servicing.
Les adresses mails des collaborateurs ayant changé, veillez à la mise à jour de votre carnet
d'adresses.





Hi all,

I would like to write an Interceptor that will handle the session 

expiration.

If somone has already written something like that, thanks to tell me how.

If not here is my idea.



my interceptor will retrieve the session. A private method will tell me if 

the session is still valid.

here is an extract:



public String intercept(ActionInvocation invocation) throws Exception

        {

        Map session = invocation.getInvocationContext().getSession();

        if(isSessionExpired(session))

                {

                        return Constants.SESSION_EXPIRED_ACTION;

                } 

        else

                {

                        return invocation.invoke();

                }



        }



        private boolean isSessionExpired(Map session)

        {

        return true;

        }



When I put an object in the session (in the first action that is called 

for example),

is there a way to test if the session is still valid ?



any help is greetly appreciated.



Meissa





L'integrite de ce message n'etant pas assuree sur internet, Natixis ne peut etre tenu responsable
de son contenu. Toute utilisation ou diffusion non autorisee est interdite. Si vous n'etes
pas destinataire de ce message, merci de le detruire et d'avertir l'expediteur.

Ensemble, faisons un geste pour l'environnement : n'imprimons nos mails que si necessaire



The integrity of this message cannot be guaranteed on the Internet. Natixis can not therefore
be considered responsible for the contents. Any unauthorized use or dissemination is prohibited.
If you are not the intended recipient of this message, then please delete it and notify the
sender.








Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message