java - Comparing new and old session -


for instance have login page. creating session , append our text it.. trying compare old session , new session. lets put,

1) user login test // if incorrect password , redirect login page , append "test" session

2) if user login different username on second try // want append new session , compare old session . lets ,,

if(session1 not equal session 2){    restart attempt incremental } else if (session1 session 1){   increment attempt -1 } 

lets put our jsp file follow

<form action="servlet" method="post"> <input type="text" name="username"> </form> 

in our servlet file

dopost(httpse....){ //get parameter  string name = request.getparameter("username");  //create session httpsession session = request.getsession(true); session.setattribute("username", name); string session_name = (string)session.getparameter("username");  //validate if username = test, redirect  if(name.equal("test")){   //this redirect different page } else if(session_name.equals(name)){   //do something.. } else {  //do something... } 

i need compare old session , new session.

i tried using (session.isnew()) not work, redirect me else statement ..

this actual code

httpsession session = request.getsession(true);         httpsession session_newusername = request.getsession(true);         session.setattribute("username", username);         string session_username = (string)session.getattribute("username");         system.out.println(" data .... " + session_username);          int loginattempt;             if(session.getattribute("logincount") == null){                 session.setattribute("logincount", 0);                 loginattempt = 0;             } else if(session.isnew()) {                 system.out.println("if user key in same username");                 loginattempt = (integer)session.getattribute("logincount");                 if(loginattempt  == 3){                      session.setmaxinactiveinterval(5);                     session.setattribute("message", "your account blocked, please contact admin or wait 2mins");                     //system.out.println(session.getattribute("message"));                     response.sendredirect("pages/login/login.jsp");                 } else {                     system.out.println("how many attempt left " + loginattempt);                     loginattempt++;                     int leftattempt = 4 - loginattempt;                     session.setattribute("message", "you left " + leftattempt + " attempt");                     //system.out.println(session.getattribute("message"));                     response.sendredirect("pages/login/login.jsp");                 }                 session.setattribute("logincount", loginattempt);             } else {                 response.sendredirect("pages/login/login.jsp");                 system.out.println("username not same");                 session.invalidate();             }      } 

when previous session invalidated (closed after timeout example) session attributes destroyed. cannot add attribute , attempt previous invalidated session. can access them within same active session.

so, cannot achieve want in way. need store data somewhere else example in database or jvm memory. not in session attributes.

if want determine in same active session, need check presence of username attribute in current session , act want:

username = (string) session.getattribute("username"); if (username == null) {     // here don't have previous invocation of setattribute     session.setattribute("username", login); } else {     // setattribute previous invocation on current session     // add errors here } 

Comments

Popular posts from this blog

android - InAppBilling registering BroadcastReceiver in AndroidManifest -

python Tkinter Capturing keyboard events save as one single string -

sql server - Why does Linq-to-SQL add unnecessary COUNT()? -