如何区分注销和会话过期？ [英] How to differentiate between logout and session expired?

问题描述

案例1：注销：一旦我们注销，如果有人试图访问之前，它必须自动重定向到login.jsp

Case 1: Log out : Once we log out, if one tries to access previous, it must automatically redirect to login.jsp

案例2：会话已过期：如果会话在用户仍然登录时到期，则必须在访问上一页时尝试自动重定向到sessionExpired.jsp。

Case 2: Session expired : If session expires when user is still logged in, it must try to automatically redirect to sessionExpired.jsp when previous page is accessed.

如何区分？我现在正在注销会话时使会话无效。

How to differentiate ? I am currently invalidating session when logging out.

推荐答案

登录时，设置一个长期到期（> 24小时）的cookie。通过将maxage设置为0，在注销时删除此cookie。

On login, set a cookie with a long expiry (> 24 hours). Remove this cookie at logout time by setting the maxage to 0.

您可以检查是否有任何未登录的用户（即无效的会话ID）。
如果cookie不存在，请将其重定向到login.jsp

You can have check for any non-logged in user (i.e. invalid session id). If the cookie does not exist, redirect him to login.jsp

如果cookie存在，则表示其会话已过期，因此将其重定向到会话过期。 jsp

If the cookie exists, it means his session expired so redirect him to session-expired.jsp

这篇关于如何区分注销和会话过期？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！