Friday, January 27, 2006

How to find whether a Object bound to session scope has expired (or) not.

jsp:useBean id="Perfumes" class="Perfume.Perf" scope="session"/

NOT the correct way to go about.
<% if(Perfumes == null) { response.sendRedirect("http://localhost:8080/home.html"); } %>

Testing for expired sessions by testing the session object itself for nullness isn't always the most reliable way to go. This is especially true if you're using a useBean tag

The useBean tag will create a new session if the previous one has expired. So, your test for an exsiting session will return true, even though it isn't the same session that the user had when they originally logged in.

I've had much better luck testing for the existence of an object bound to session. When the user logs in sucessfully, create an object ("userBean") and bind it to session. Then with each hit, check to see if that object is null (filters are nice for this). If it is, forward or redirect to the login page.

Correct way.
if(null == session.getAttribute("userBean"){
// must be a new session...
// forward to login


Post a Comment

<< Home