Hi,
In my web application we have implemented the session and it works fine.
ie. it prompts for the userid/password when ever we give the URL by
opening a new IE window. i.e it goes through the session and see if the
:user_id is present in the session if not it prompts to log-in again.
But my problem is say if we “kill” the WebRICK abruptly by pressing ^C
and say my browser window is open at some specific screen. If i
refresh the page now it gives me Page not Found, which is fine, since
the server is down.
But when i restart the WebRICK server, i expect to prompt for the login
screen, but the behavioius is different, it does not prompt for login
page, it goes to the current screen where it was before the server went
down.
I guess what is happening is :user_id is still present in the Browser’s
Session, since we did not explicity call a reset_session which we do in
case of log-out since the server was killed abruptly. and that i guess
is the reason when the server is re-started it still finds the :user_id
in the session and happily moves forward.
I’m using MYSQL DB…
Any way to solve the above problem? What i’m going wrong. bottom line
since the server went down, it should prompt to go to the log-in
screen…!!
This is my authorize method
def authorize
if session[:user_id]
@current_user = User.find(session[:user_id])
else
reset_session
flash[:notice] = “Your Session is Expired, Please log into the
system…”
redirect_to(:controller => “login”, :action => “login”)
end
end
Thank You
Dinesh
