java - Comparing new and old session -
for instance have login page. creating session , append our text it.. trying compare old session , new session. lets put,
1) user login test // if incorrect password , redirect login page , append "test" session
2) if user login different username on second try // want append new session , compare old session . lets ,,
if(session1 not equal session 2){ restart attempt incremental } else if (session1 session 1){ increment attempt -1 }
lets put our jsp file follow
<form action="servlet" method="post"> <input type="text" name="username"> </form>
in our servlet file
dopost(httpse....){ //get parameter string name = request.getparameter("username"); //create session httpsession session = request.getsession(true); session.setattribute("username", name); string session_name = (string)session.getparameter("username"); //validate if username = test, redirect if(name.equal("test")){ //this redirect different page } else if(session_name.equals(name)){ //do something.. } else { //do something... }
i need compare old session , new session.
i tried using (session.isnew()) not work, redirect me else statement ..
this actual code
httpsession session = request.getsession(true); httpsession session_newusername = request.getsession(true); session.setattribute("username", username); string session_username = (string)session.getattribute("username"); system.out.println(" data .... " + session_username); int loginattempt; if(session.getattribute("logincount") == null){ session.setattribute("logincount", 0); loginattempt = 0; } else if(session.isnew()) { system.out.println("if user key in same username"); loginattempt = (integer)session.getattribute("logincount"); if(loginattempt == 3){ session.setmaxinactiveinterval(5); session.setattribute("message", "your account blocked, please contact admin or wait 2mins"); //system.out.println(session.getattribute("message")); response.sendredirect("pages/login/login.jsp"); } else { system.out.println("how many attempt left " + loginattempt); loginattempt++; int leftattempt = 4 - loginattempt; session.setattribute("message", "you left " + leftattempt + " attempt"); //system.out.println(session.getattribute("message")); response.sendredirect("pages/login/login.jsp"); } session.setattribute("logincount", loginattempt); } else { response.sendredirect("pages/login/login.jsp"); system.out.println("username not same"); session.invalidate(); } }
when previous session invalidated (closed after timeout example) session attributes destroyed. cannot add attribute , attempt previous invalidated session. can access them within same active session.
so, cannot achieve want in way. need store data somewhere else example in database or jvm memory. not in session attributes.
if want determine in same active session, need check presence of username
attribute in current session , act want:
username = (string) session.getattribute("username"); if (username == null) { // here don't have previous invocation of setattribute session.setattribute("username", login); } else { // setattribute previous invocation on current session // add errors here }
Comments
Post a Comment