I need help with JSP session.
I have a login page. When a user logs in then, i set a session and its expiration time. So, when the session is expired, the user will be redirected to the login page with a session expired message.
I want to identify if a page has been loaded first time by the user, or it has been loaded as a result of expiration of session.
I do the following when the user successfully logs in:
I check this in every page (i.e. check in the header of everypage)
String username = (String) session.getAttribute("username");
if (session.isNew() == true && username == "")
//check the credentials
Also when the user logs out the following code is executed:
My problem is that even when the user comes to the page for first time, it redirects the user to "login.jsp?rtype=expired" page.
The check of 'session.isNew()' is most likely always returning true during the first time a user visits your site.
// Create one if it doesnt exist or else return the existing one
HttpSession session = request.getSession(true)