tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Léa Massiot <>
Subject Re: Session expiration - browser -Web application
Date Fri, 04 Nov 2011 18:55:05 GMT

@Christopher :
Thank you for your answer.

Christopher wrote:
> The new session created is completely empty. It has nothing to do with the
> user going back in the history, etc.
> No, you are right.
What I meant is that I was/am managing session expiration inside the Webapp
(for instance if the user clicks a button which is inside the Webapp and if
the session has expired, I redirect him to the log in page).

Christopher wrote:
> I always try to have enough information in the page (form) so that
> resuming a workflow after a session timeout is a possibility.
I'm sorry but I do not understand what you are explaining me here...

I have found a solution, here it is:
for all the JSPs which require a user to be identified (*), I add the
following code:

    ASessionAttribute aSessionAttribute = null;
    HttpSession       httpSession       = null; 
        httpSession       = request.getSession();
	aSessionAttribute = (ASessionAttribute)
	if(aSessionAttribute  == null)

Then if a user presses the F5 key and if the session has expired, he is
properly redirected to the log in page.

Best regards,

(*) That is to say, in my example, the "aSessionAttribute" object musn't be
View this message in context:
Sent from the Tomcat - User mailing list archive at

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message