From: Clark C . Evans <cce@cl...> - 2001-08-03 06:24:59
When the session expires, could a new
session be created and the servlet be
notified? This way the "cheezy" code can
be moved from Application.handleInvalidSession
into Page.sessionInvalidated() or something
like this that I can ovverride with my
At 02:30 AM 8/3/01 -0400, Clark C . Evans wrote:
>When the session expires, could a new
>session be created and the servlet be
>notified? This way the "cheezy" code can
>be moved from Application.handleInvalidSession
>into Page.sessionInvalidated() or something
>like this that I can ovverride with my
You can't do exactly what you want -- yet.
In Application.config, if you set IgnoreInvalidSession to 1, then when a
session expires, instead of getting the "cheesy" error page, the request
will simply proceed without a session. But you can't tell whether it's a
brand-new session or an expired session.
The relevant bit of code is in Application.py's handleInvalidSession method:
# Delete the session ID cookie from the request,
then handle the servlet
# as though there was no session
We could add an additional line after the del that calls
transaction.request().setInvalidSession(1). Then your servlets could check
for that flag using
# do something...
This is an easy change -- one line in Application.py and a pair of extra
methods in HTTPRequest.py.
Does anyone else think this sounds like a good idea?
Maybe it should be called "expiredSession" instead of "invalidSession"?
- Geoff Talvola