会话超时
当我的登录页面加载时,浏览器正在创建会话。 但用户直到会话超时才登录。 但之后他尝试登录。 但由于会话已经被销毁,他被带到会话过期页面。
现在我的要求
如果当用户仍在登录页面时会话被破坏,我应该在他尝试登录之前将他重定向到会话过期页面,即当会话被破坏事件被触发时我应该将他重定向到会话过期页面。
请让我告诉我对此应该采取什么方法。
When my login page is loaded browser is creating the session .
But user doesn't log in until the session times out .
But after that he tries to login.
But as session has been already destoryed he is taken to session expire page.
Now my requirement
If session get destroyed when user is still on the login page i should redirect him to session expire page before he tries to login i.e when session destroyed event is fired i should be redirecting him to session expire page.
Please let me what should be my approach on this.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
服务器只能在浏览器发送请求时重定向浏览器,而仅坐在登录页面的用户不会发送任何内容。
但是,网页可以定期向服务器发出后台 AJAX 请求,不断检查会话是否过期。如果 AJAX 请求被告知会话已过期,浏览器会通知用户。
然而,AJAX 请求本身可能实际上会使会话保持活动状态,这反而避免了问题的开始。
也许更好的解决方案是在显示登录页面时不创建会话,而是将会话创建推迟到尝试登录为止。不过,这可能不适合您的设计。
The server can only redirect the browser when the browser sends a request, and a user just sitting at the login page isn't sending anything.
However, the web page could make regular background AJAX requests to the server, constantly checking for session expiry. If the AJAX request is informed of an expired session, the browser inform the user.
However, it's likely that the AJAX request itself will actually keep the session alive, which rather avoids the problem to begin with.
A nicer solution, perhaps, is not to create session when displaying the login page, deferring session creation until the login attempt is made. That may not be an option for your design, though.