-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Filip,
Please keep all discussions on the list. On 2/11/2009 8:08 AM, lync...@gmx.de wrote: > First, I did what you suggested and set a Key value pair in the > session map. in the login phase im trying to read this value to see > if the user is coming from the loginpage. You won't really be able to tell if the user is "coming" from the login page. The best you can do is to detect that the session is not in a proper state - by checking for some key in the session. I'm just trying to be clear. > The problem now seems to be, that i write the session key too late > and my lookup happens to early which means that in the lookup moment > the key never is set. You have to do your checking in a Filter so that it occurs /before/ the servlet handles the request. Otherwise, you'd have to re-write a LOT of your application to check for proper session state before doing whatever it is your servlet needs to do. > We write the session keypair in that moment when we load the userdata > which is pretty close after the login form. Exactly where? > We try to read the value in the SessionTimeoutFilter. But in this > filter, the Key is never set. By the way , we're using JSF(RI) and > Orchestra.core v1.2. Maybe this frameworks are involved in our > problem im not sure.... It's possible that the framework is interfering, but unlikely. Can you send the code for your SessionTimeoutFilter as well as the configuration from web.xml for /all/ of your filters? Remember to remove any sensitive information. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmS0qIACgkQ9CaO5/Lv0PDI4QCgtcCRkB/MFRcA0+DOu+66HMxR RlMAn12yFxvfGAURM4IfQ3fVCRtU4EsZ =tRCE -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
