I should assign unique JSESSIONID after authentication. The JSESSIONID before authentication and after authentication should always be different.
So, how can I do this using Struts 2?
Asked
Active
Viewed 2,923 times
2
Roman C
- 49,761
- 33
- 66
- 176
-
Don't use Struts 2.0, use Struts 2.3.16.3 – Andrea Ligios Nov 21 '14 at 12:40
-
okey..but can you please provide any login example – Nov 21 '14 at 12:53
-
What's the point of doing this? – Dave Newton Nov 21 '14 at 13:58
-
how to maintain session id throughout the application can you please tell me. – Nov 28 '14 at 04:38
2 Answers
1
Unique session id you can get if you get HttpSession object. In Struts2
HttpSession session = ServletActionContext.getRequest().getSession();
System.out.println("Old session ID: "+session.getId());
//do authentication
session = ServletActionContext.getRequest().getSession(true);
System.out.println("New session ID: "+session.getId());
Roman C
- 49,761
- 33
- 66
- 176
1
You should refer to following
http://nickcoblentz.blogspot.in/2008/09/jsessionid-regeneration-in-struts-2.html
Your class must implement SessionAware for this. There are 4 methods suggested for it .
One of them could be
((SessionMap)this.session).invalidate();
this.session = ActionContext.getContext().getSession();
Amar Deep Singh
- 111
- 8