To answer your question:
1) create a filter that does your tests for a "valid" session but only
check it if the "isNewSession" flag in a session is not set. When you
find a bad session, call session.invalidate() and forward to an
<action-forward> for the login page. You should add redirect="true" to
the action-forward so that the browser will load the login page as if
they were coming in the first time. If you need to have the
sessionExpire page you can have it display and either embed a button
that will bring user to the login page or have a meta redirect tag
that redirects them after x seconds.

The real question is, why are you going to re-check authentication
every time they go in, is there anything more you need to check for it
to be a "valid" session? Remember that a given browser's requests will
always go to the same session; so once they are validated, you can set
a flag in the session that they have been validated and don't worry
about re-authentication.

-ed

On 10/28/06, Mallik <[EMAIL PROTECTED]> wrote:

HI friends
In my application i want to test session valid or not before affaring any
service to the user.
that means, once the user logon, i will maintain a session and for any
request thenafter upto logout i need to test that session is valid,
otherwise i need to display sessionExpire page and requires relogin.
please let me know that how to do it?

ur's
Mallik

--
View this message in context: 
http://www.nabble.com/Session-tracking-in-struts--tf2527634.html#a7045712
Sent from the Struts - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to