tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Not quite a tomcat question
Date Sun, 31 Dec 2006 01:19:02 GMT
Happy New Year All.

Does anyone use sessions to temporarily hold confirmation codes for user
registrations? I have a setup where when the user registers a random
confirmation code is generated and appended to a url which is emailed to the
user. The user's registration data is stored in a session with the
confirmation code as the key. When they click the confirmation link, the
code is used to retrieve the registration information and the registration
is done. Some users are having trouble because it seems they're encountering
invalidated sessions. I know if  the registrations is done in one browser
and the link (outlook will open IE) opens up a different browser that would
lead to the creation of a different session which obviously wouldn't have
the registration data. I have seen implementations that enter the
confirmation directly into the database but I don't want to do that since it
would mean writing more code to check who's account is activated and who's
hasn't, and also might lead to garbage in the database of users who never
activated their accounts...Any suggestions?

"talk trash and carry a small stick."

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message