问题
Is there a way to "catch" the session timeout event, so as to retrieve data from HttpSession before its invalidated ?
We're implementing the Filter Interface, and in the doFilter method, the user we stored in the session object at login is null when session times out.
Thanks in advance.
回答1:
You should be able to register an HttpSessionListener for your webapp that will allow you to get notified when a Session is destroyed.
It has two callback methods:
public void sessionCreated(HttpSessionEvent se)public void sessionDestroyed(HttpSessionEvent se)
The HttpSessionEvent class has a getSession method that should let you get the affected session.
The listener class is registered in the web.xml
<listener>
<description>My Session Listener</description>
<listener-class>
my.package.MySessionListener
</listener-class>
</listener>
回答2:
Have the user object implement HttpSessionBindingListener, then it can see for itself when it is added to or removed from the session.
回答3:
You can always ad a piece of JSP that will check to see if your session is still active or valid - basically check to see if a session var exists (!=null) and if it doesn't - redirect the user to another page -
<%
// check for session object
HttpSession validuser = request.getSession();
// check to see if session var exists
if (validuser.getValue("auth_user") == null) {
response.sendRedirect("admin3.jsp?access+denied");
}
// if the session var is null then redirect the user
Hope this helps Mark
Source : http://www.coderanch.com/t/279538/JSP/java/jsp-session-timeout
来源:https://stackoverflow.com/questions/3064340/any-way-to-anticipate-session-timeout