468,251 Members | 1,417 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,251 developers. It's quick & easy.

loggedIn, same session, thru several pages

D E
What are some good methods of letting a user's "identity" (?session?) be
known across several webpages. For example, a user logs in, and several
pages say "Welcome back KNOWN USER" if he successfully logged in... Is it as
simple as checking a cookie and setting a variable loggedIn=TRUE or are
there more durable methods not prone to possible security problems? THANKS
Jul 17 '05 #1
3 1384
Well..

I assume u talking about using Java Server Pages..

Well the easiest is to use the session variables
<%=session.getAttribute("myname")%>

Just google off for session.setAttribute or session.getAttribute.. should be
good enuff to help you.

Few things to to consider, session will last typically across the same
thread of the explorer, i,e. if you press Ctrl-N, most likely the session
will carry across the new window...

In order to reset the session... use session.invalidate
"D E" <no*****@nothing.com> wrote in message
news:Py******************@nwrdny03.gnilink.net...
What are some good methods of letting a user's "identity" (?session?) be
known across several webpages. For example, a user logs in, and several
pages say "Welcome back KNOWN USER" if he successfully logged in... Is it as simple as checking a cookie and setting a variable loggedIn=TRUE or are
there more durable methods not prone to possible security problems? THANKS

Jul 17 '05 #2
"D E" <no*****@nothing.com> wrote in message news:<Py******************@nwrdny03.gnilink.net>.. .
What are some good methods of letting a user's "identity" (?session?) be
known across several webpages. For example, a user logs in, and several
pages say "Welcome back KNOWN USER" if he successfully logged in... Is it as
simple as checking a cookie and setting a variable loggedIn=TRUE or are
there more durable methods not prone to possible security problems? THANKS


There are two generally accepted methods:

1) cookies - but some organizations insist that cookies be turned
off

2) Session - the session object can carry information page to page
and it can't be turned off in the browser

I like #2.
Jul 17 '05 #3
> 2) Session - the session object can carry information page to page
and it can't be turned off in the browser


As long as you make sure to rewrite all URLs that is (just clarifying)
Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

4 posts views Thread by DavidS | last post: by
31 posts views Thread by Harry Simpson | last post: by
2 posts views Thread by competitions | last post: by
6 posts views Thread by =?Utf-8?B?SWFpbg==?= | last post: by
5 posts views Thread by damezumari | last post: by
1 post views Thread by Rusty Hill | last post: by
reply views Thread by NPC403 | last post: by
reply views Thread by kermitthefrogpy | last post: by
reply views Thread by zattat | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.