tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vernon Smith" <>
Subject RE: cleaning up sessions ...
Date Wed, 17 Sep 2003 20:00:09 GMT
I don't know your application scenario, but in general, authetication is not the same as a
session state. 

Authetication can be implemented in a filter. 

Hope this helps.


--------- Original Message ---------

DATE: Wed, 17 Sep 2003 15:49:41
From: "Shapira, Yoav" <>
To: "Tomcat Users List" <>

>>all pages i do a checkAuthetication .. how do i check if the session is
>>active or not ? .. so that i can detect that and redirect them to the
>Hmm... I would do this using attributes.  All attributes are unbound
>when the session is invalidated.  So add an attribute to the session
>when you authenticate people, and check for that attribute in your
>pages.  If it's not present, redirect them to the authentication page.
>Yoav Shapira
>This e-mail, including any attachments, is a confidential business communication, and
may contain information that is confidential, proprietary and/or privileged.  This e-mail
is intended only for the individual(s) to whom it is addressed, and may not be saved, copied,
printed, disclosed or used by anyone else.  If you are not the(an) intended recipient, please
immediately delete this e-mail from your computer system and notify the sender.  Thank you.
>To unsubscribe, e-mail:
>For additional commands, e-mail:

University of Phoenix Online. Free Information - Online Classes
This offer applies to U.S. Residents Only

View raw message