By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,737 Members | 1,971 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,737 IT Pros & Developers. It's quick & easy.

loggedIn, same session, thru several pages

P: n/a
D E
What are some good methods of letting a user's "identity" (?session?) be
known across several webpages. For example, a user logs in, and several
pages say "Welcome back KNOWN USER" if he successfully logged in... Is it as
simple as checking a cookie and setting a variable loggedIn=TRUE or are
there more durable methods not prone to possible security problems? THANKS
Jul 17 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
Well..

I assume u talking about using Java Server Pages..

Well the easiest is to use the session variables
<%=session.getAttribute("myname")%>

Just google off for session.setAttribute or session.getAttribute.. should be
good enuff to help you.

Few things to to consider, session will last typically across the same
thread of the explorer, i,e. if you press Ctrl-N, most likely the session
will carry across the new window...

In order to reset the session... use session.invalidate
"D E" <no*****@nothing.com> wrote in message
news:Py******************@nwrdny03.gnilink.net...
What are some good methods of letting a user's "identity" (?session?) be
known across several webpages. For example, a user logs in, and several
pages say "Welcome back KNOWN USER" if he successfully logged in... Is it as simple as checking a cookie and setting a variable loggedIn=TRUE or are
there more durable methods not prone to possible security problems? THANKS

Jul 17 '05 #2

P: n/a
"D E" <no*****@nothing.com> wrote in message news:<Py******************@nwrdny03.gnilink.net>.. .
What are some good methods of letting a user's "identity" (?session?) be
known across several webpages. For example, a user logs in, and several
pages say "Welcome back KNOWN USER" if he successfully logged in... Is it as
simple as checking a cookie and setting a variable loggedIn=TRUE or are
there more durable methods not prone to possible security problems? THANKS


There are two generally accepted methods:

1) cookies - but some organizations insist that cookies be turned
off

2) Session - the session object can carry information page to page
and it can't be turned off in the browser

I like #2.
Jul 17 '05 #3

P: n/a
> 2) Session - the session object can carry information page to page
and it can't be turned off in the browser


As long as you make sure to rewrite all URLs that is (just clarifying)
Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.