java - How to differentiate between logout and session expired?

Question

Case 1: Log out : Once we log out, if one tries to access previous, it must automatically redirect to login.jsp

Case 2: Session expired : If session expires when user is still logged in, it must try to automatically redirect to sessionExpired.jsp when previous page is accessed.

How to differentiate ? I am currently invalidating session when logging out.

Answer 1

On login, set a cookie with a long expiry (> 24 hours). Remove this cookie at logout time by setting the maxage to 0.

You can have check for any non-logged in user (i.e. invalid session id). If the cookie does not exist, redirect him to login.jsp

If the cookie exists, it means his session expired so redirect him to session-expired.jsp