tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <ralf.b...@lb-kiel.de>
Subject Antwort: Re: Antwort: session creation?
Date Thu, 15 Feb 2001 16:20:07 GMT


Hi,
try to take this code in your baseclass (assuming the name ist MyServlet) of all
your servletclasses. The performRequest-method must be called directly from the
doPost ()-Method.
If you are using only one (Dispatcher-)Servlet, you have to work out the
Requests from the Login-Page and to react on a Login (via Database or in any
other way). The generated HTML-Page in this Code-Segment must have the tag
containing <from action = \"MyServlet\" method = \"Post\">.
If you are using on the other hand more Servlets derived from this baseclass,
especially one Servlet to every HTML-Page, the generated HTML-Page in this
Code-Segment must have the tag containing <from action = \"MyLoginServlet\"
method = \"Post\">. So you can handle the Login in an own Servlet. After
succesful login you should redirect your application to your first Page. In this
way, you give the user the Startup-Page, which is directly connected to your
LoginServlet. Any illegal try of a user, to call an Servlet directly via URL in
your browser will be automatically directed to your Login.
A nice thing is a Logout-Handler on (every) Page. All you have to do is to
generate a "LOGOUT"-Button in your HTML-Stream and if pressed, you destroy the
session via invalidate ()......


class MyServlet
{

     ......

    protected void performRequest (final HttpServletRequest  roRequest,
                                   final HttpServletResponse roResponse)
        PrintWriter oOutput  = roResponse.getWriter ();       // get a
HTML-Stream
        HttpSession oSession = roRequest.getSession (false);  // try to get an
exisiting session

        if (oSession != null)
        {
          // OK, the user is being connected for the n-th time
          // this method is yours !!!  You get the request, the response, the
actual user-session and the html-stream, where you put in your generated
html-code
            performTask (roRequest,
                         roResponse,
                         oOutput,
                         oSession);
        }
        else
        {
            // no session, no cookie, some reasons :
          // - the user tries to connect the first time
          // - the session have been invalidated by tomcat
          // - you are using a clustered webserver and your first server have
been fallen down and your failover system takes control.
          //   so the session data on the first system is been lost. now you
have to login again (like a connection on the first time)
          // you can't distinguish the reasons !!!

            // get a fresh session, without any attribute-data
            oSession = roRequest.getSession (true);

          // write your Errormessage (like above) into the HTML-Stream and
create a Login-Screen
          oOutput.println ("<html> .......... <form action = \"THIS_SERVLET\"
method = \"post\" > ..... " + YOUR_ERRORMESSAGE + YOUR_LOGIN_SCREEN + "</form>  .....

 </html>");

          // now the generated HTML-Page will be sent back to your browser and
the user must login or leave !
        }
    }






venkatesan <gv@aitpl.stpn.soft.net> am 15.02.2001 14:01:08

Bitte antworten an tomcat-user@jakarta.apache.org

An:   tomcat-user@jakarta.apache.org
Kopie:     (Blindkopie: Ralf Bode/13/LBSH/DE)

Thema:    Re: Antwort: session creation?




Hi Antwort ,
     Thanx a lot for ur help.. Now i am able to create new session and if i not
perform any operations in that page on the specified time. that page is not
comming
and if i click refresh button new page is comming... Well ............ But my
problem is while i entering into my web page the first screen is blank in the
same
way while the page is expired after the particular time if i click any link that
page also blank....... can u give me some tips so that while i am entering my
web-page it should not come blank and it the same way after the page expired,
some
message should come...

Thanx in advance

cheers
venkatesh



ralf.bode@lb-kiel.de wrote:

> Hi,
> to create a user-session you may try the following code in the doGet
> (...)/doPost (...) - handling-Methods :
>
>         HttpSession oSession = roRequest.getSession (false);  // try to get an
> exisiting session
>
>         if (oSession != null)
>         {
>                 // OK, anyone is been connected for the n-th time
>
>                 // continue ....
>                 performTask (....)
>         }
>         else
>         {
>             // - user tries to connect the first time, no cookie on the client
> -> no session
>             // - sessiontimeout, all userdata are lost
>             // this behaviour occurs too if you use an clustered webserver
since
>  all sessiondata residents only on one machine (!!!)
>             // you can't determine, why the session is invalid
>             oSession = roRequest.getSession (true);  // get a new session
> without any attributes in
>
>             // perhaps an errormessage or a login-handling or both
>         }           :
>
> All user-sessions will be invalidated by tomcat automatically. The timeout is
> defined in the WEB.XML in your %TOMCAT_HOME%/conf - Directory. Out-of-the-box
> this parameter is initialized with 30. This means, after approximately 30
> Minutes the user-session will be invalidated. The next HTTP-Request will run
> into the ELSE-case described above. Try any other values   :-)
>
> venkatesan <gv@aitpl.stpn.soft.net> am 15.02.2001 12:10:14
>
> Bitte antworten an tomcat-user@jakarta.apache.org
>
> An:   tomcat-user@jakarta.apache.org
> Kopie:     (Blindkopie: Ralf Bode/13/LBSH/DE)
>
> Thema:    session creation?
>
> Hi All,
>       I am creating web applications using servlets. can anybody tell
> that simple session creation for a particular user and invalidate after
> a specific time.
>
> Thanks
>
> cheers
> venkatesh
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, email: tomcat-user-help@jakarta.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, email: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, email: tomcat-user-help@jakarta.apache.org








Mime
View raw message