Can you please tell me how to expire a session after a fixed interval of time.(i.e if the browser is inactive for some time - say, 5 mins)
Once the session expires, and if user tries to access the page, then he is prompted for login again, am i right?
Please tell me how to solve this problem.
Thank you.
nikk 0 Light Poster
mostafadotnet 18 Junior Poster
I don't know anything about ASP.NET but I know how to work with PHP.
Use Ajax, and you easily can solve it.
There would be a client/javascript code running on user's browser and It counts till 5 minutes, and after no activity in 5 minutes, you fire the XMLHttpRequest method/functions to call the ASP.NET code to close[expire] the session.
And all your code for any activity done on server-side should be checked against sessions.
That's all.
Good luck.
nikk 0 Light Poster
I'm using JSP. Can you please tell me how to expire a session in JSP?
vedmack 0 Junior Poster in Training
you can try
<% session.invalidate() %> masijade 1,351 Industrious Poster Team Colleague Featured Poster
To have it expired automatically, you need to configure the Application Server/Web Container properly.
Reading the session properly, and redirecting to a login page, is something you will have to do though.
The above command is the one the server will use, you can use it yourself, as well, but your classes will not be able to automatically expire the session, so it only makes sense for you to use the command in your code on logout, or after invalid actions (according to your application).
jwenting 1,889 duckman Team Colleague
in fact, all sessions will expire automatically at the rate set in the server/web app configuration.
And while there are ways to do it manually, using timers and threads in the application, why would you want to essentially replicate functionality the server provides for you?
masijade 1,351 Industrious Poster Team Colleague Featured Poster
there are ways to do it manually, using timers and threads in the application
Correct, of course, I should have said
but it is not practical for your classes to automatically expire the session
instead of
but your classes will not be able to automatically expire the session
;-)
nikk 0 Light Poster
<META HTTP-EQUIV="Expires" CONTENT="0">
What do "Expires" & content stand here for?
Please reply.
Thank you.
masijade 1,351 Industrious Poster Team Colleague Featured Poster
A directive to the browser and/or proxy server not to hold a cached copy of the page. Nothing to do with a session.
Edit: Or, more correctly, that whatever cached copy they do hold is invalid as soon as they made it, and they should retrieve a fresh copy rather than using the cached copy.
nikk 0 Light Poster
Hey guys, thanks a lot.
But, one last question -
can i use - session.setMaxIntervalTime(5)
to expire my session.
The "5" in above line - does it stand for milliseconds, seconds or minutes?
Please reply.
Thank you for your replies.
masijade 1,351 Industrious Poster Team Colleague Featured Poster
What do the API docs say?
nikk 0 Light Poster
It says-
Specifies the time, in "seconds", between the client requests before the servlet container will invalidate the session.
Does this mean, if I pass "60" to setMaxInactiveInterval, the session will be "expired" in 1 minute if the browser remains inactive, and i'll have to login again?
(i've written this code in logout.jsp)
masijade 1,351 Industrious Poster Team Colleague Featured Poster
It means your session will be invalidated if more than 60 seconds go by between the last response and the next request.
How your application handles expired sessions depends on how you programmed it. And, if you have a "logout" page you should be invalidating the session manually there. You can still have a timeout (the maxInterval), but remember that this is general to the eintire application, not a specific page or two.
nikk 0 Light Poster
Can please tell me more about timeout?
Thank you.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.