To answer your question: 1) create a filter that does your tests for a "valid" session but only check it if the "isNewSession" flag in a session is not set. When you find a bad session, call session.invalidate() and forward to an <action-forward> for the login page. You should add redirect="true" to the action-forward so that the browser will load the login page as if they were coming in the first time. If you need to have the sessionExpire page you can have it display and either embed a button that will bring user to the login page or have a meta redirect tag that redirects them after x seconds.
The real question is, why are you going to re-check authentication every time they go in, is there anything more you need to check for it to be a "valid" session? Remember that a given browser's requests will always go to the same session; so once they are validated, you can set a flag in the session that they have been validated and don't worry about re-authentication. -ed On 10/28/06, Mallik <[EMAIL PROTECTED]> wrote:
HI friends In my application i want to test session valid or not before affaring any service to the user. that means, once the user logon, i will maintain a session and for any request thenafter upto logout i need to test that session is valid, otherwise i need to display sessionExpire page and requires relogin. please let me know that how to do it? ur's Mallik -- View this message in context: http://www.nabble.com/Session-tracking-in-struts--tf2527634.html#a7045712 Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]