[EMAIL PROTECTED] wrote:
Hello!
Is it possible to create a new session for an already logged in person (which
has an actual session) without invalidating the existing session? It's necessary
for me to have the old session before creating an additional one, because I have
to get few datas from the old session for the new one.
request.getSession(true) gives a new session, but only if the user doesn't have
an existing session.
OK this is an odd one, but I'll give it a shot. It seems like you want
to transfer information from one session to another. So I'll offer up a
hypothetical situation. You want a login dialog to pop up when the
user's session times out (let's say after 15 minutes). After about 60
minutes the user decides to log back in, and you want session
information to persist.
Aside from this, I honestly can't see any reason why you'd need to have
two sessions open. If you absolutely must, find a medium where you can
persist the data (even if it's just serializing the objects to a file).
If you didn't want the session to timeout in the first place, then don't
set the timeout so low! You can set session timeout on a per-session
basis with HttpSession.setMaxInactiveInterval. Combine this with
HttpSessionListener and you can set up a mechanism with different
timeouts per session, or with the appropriate authorization Action (a la
struts) and have a timeout-per-user mechanism.
At this point I'm just speculating. You'll need to give a reason _why_
you want to do this, because a lot of people (including myself) seem to
be under the impression that you're working at the wrong solution to a
problem that might not exist.
- Scott
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
