Reputation:
How to properly message a session timeout in JSP?
Using the default <session-timeout> setting for JSP, I want to show an "Your session expired (30 min)" message after the session expire and bring the user back to the login page.
To use ((HttpServletRequest) request).getSession(false) == null to detect it isn't doing the job properly, because the session will be null already at the first time the user enters the application, making the message pop right on.
How can I avoid this? Is there a way to customize JSP's HttpSession so I could know when the real event happened?
Upvotes: 1
Views: 3327
Answers (2)
Reputation: 18020
How about using request.isRequestedSessionIdValid() method (pseudo code):
if(request.getRequestedSessionId() == null) {
// no session yet -> need to create new one
}
else if(request.isRequestedSessionIdValid()) {
// we have valid session
}
else {
// session invalid due to timeout -> handle timeout
}
Upvotes: 0
Reputation: 657
How about setting a cookie indicating last login? If the cookie is valid and url is not login url, then the session timeout message can be shown.
Upvotes: 1
Related Questions
- How to call sessionDestroyed when a session times out
- Notify user about session timeout in Java EE
- Programmatically Determine Java Session Timeout
- Need to access session-timeout value in JSP
- Default Session timeout value
- How to make a session not to timeout?
- How do I set session timeout of greater than 30 minutes
- how to show session is about to timeout dialog before 1 min in jsp?
- Contdown on Servlet Session
- Session Timeout creation for application