1) do redirect in case of ajax calls
2) do redirect in case of non-ajax calls
there is no 1) and/or 2), only 1) XOR 2).. means i can handle ajax calls OR non-ajax calls to do a redirect and some other problems i will mention in the following
first i would like to say what i have done so far (it feels like hackish.. expecialy the ajax-call redirect)
i combined varoius solutions and ideas to the following:
(most of it i found googleing and combined it.. sources are
ajax redirect http://stackoverflow.com/questions/1990 ... 895#579895
non ajax redirect http://techieexchange.wordpress.com/200 ... -solution/)
here is what i have combined the ideas to:
MySessionListener
Code: Select all
import java.util.Date;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
/**
* Thanks to hturksoy
**/
public class MySessionListener implements HttpSessionListener {
public MySessionListener() {
}
public void sessionCreated(HttpSessionEvent event) {
System.out.println("Current Session created : "
+ event.getSession().getId() + " at " + new Date());
}
public void sessionDestroyed(HttpSessionEvent event) {
// get the destroying session...
HttpSession session = event.getSession();
System.out.println("Current Session destroyed :" + session.getId()
+ " Logging out user...");
// Only if needed
try {
prepareLogoutInfoAndLogoutActiveUser(session);
} catch (Exception e) {
System.out
.println("Error while logging out at session destroyed : "
+ e.getMessage());
}
}
/**
* Clean your logout operations.
*/
public void prepareLogoutInfoAndLogoutActiveUser(HttpSession httpSession) {
// Only if needed
httpSession.invalidate();
}
}
Code: Select all
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Scope;
/**
* When the session destroyed, MySessionListener will do necessary logout
* operations. Later, at the first request of client, this filter will be fired
* and redirect the user to the appropriate timeout page if the session is not
* valid.
*
* Thanks to hturksoy
*
*/
@Scope(ScopeType.APPLICATION)
public class SessionTimeoutFilter implements Filter {
private String timeoutPage = "home";
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
if ((request instanceof HttpServletRequest)
&& (response instanceof HttpServletResponse)) {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
// is session expire control required for this request?
if (isSessionControlRequiredForThisResource(httpServletRequest)) {
// is session invalid?
if (isSessionInvalid(httpServletRequest)) {
String timeoutUrl = httpServletRequest.getContextPath()
+ "/" + getTimeoutPage();
// NON-AJAX ONLY
httpServletResponse.sendRedirect(timeoutUrl);
// AJAX ONLY
httpServletResponse.addHeader("GOTO_TIMEOUT_PAGE",timeoutUrl);
return;
}
}
}
filterChain.doFilter(request, response);
}
private boolean isSessionControlRequiredForThisResource(
HttpServletRequest httpServletRequest) {
String requestPath = httpServletRequest.getRequestURI();
boolean controlRequired = !StringUtils.contains(requestPath,
getTimeoutPage());
return controlRequired;
}
private boolean isSessionInvalid(HttpServletRequest httpServletRequest) {
boolean sessionInValid = (httpServletRequest.getRequestedSessionId() != null)
&& !httpServletRequest.isRequestedSessionIdValid();
return sessionInValid;
}
public void destroy() {
}
public String getTimeoutPage() {
return timeoutPage;
}
public void setTimeoutPage(String timeoutPage) {
this.timeoutPage = timeoutPage;
}
}
Code: Select all
<session-config><!-- timeout 1 minute to test the expire redirect -->
<session-timeout>1</session-timeout>
</session-config>
<listener>
<listener-class>package.MySessionListener</listener-class>
</listener>
<filter>
<filter-name>SessionTimeoutFilter</filter-name>
<filter-class>package.SessionTimeoutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SessionTimeoutFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
Code: Select all
<!DOCTYPE composition PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:s="http://jboss.com/products/seam/taglib"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:p="http://primefaces.prime.com.tr/ui"
template="layout/template.xhtml">
<ui:define name="head">
<script type="text/javascript">
/* <![CDATA[ */
new PrimeFaces.widget.AjaxStatus('uniqueIdentifier0815').bindCallback('ajaxComplete',function(event,request,settings){
alert("debug: " + request.getResponseHeader('GOTO_TIMEOUT_PAGE'));
if (request.getResponseHeader('GOTO_TIMEOUT_PAGE') != null) {
window.location = request.getResponseHeader('GOTO_TIMEOUT_PAGE');
}
});
/* ]]> */
</script>
</ui:define>
<ui:define name="body">
<p:growl id="growl" showDetail="true" />
<h:form id="mainForm">
<p:commandButton ajax="true" value="TestAjax"
update="growl" action="#{backingBean.serverAction}" />
</h:form>
</ui:define>
</ui:composition>
if i do (in SessionTimeoutFilter) only the following:
Code: Select all
...
httpServletResponse.addHeader("GOTO_TIMEOUT_PAGE",timeoutUrl);
...
Code: Select all
new PrimeFaces.widget.AjaxStatus('uniqueIdentifier0815').bindCallback('ajaxComplete',function(event,request,settings){
alert("debug: " + request.getResponseHeader('GOTO_TIMEOUT_PAGE'));
if (request.getResponseHeader('GOTO_TIMEOUT_PAGE') != null) {
window.location = request.getResponseHeader('GOTO_TIMEOUT_PAGE');
}
});
but if i do normal (non ajax action involved) navigation in the topbar.. nothing happens (why should.. i only added a response header )
so i add (in SessionTimeoutFilter) the
Code: Select all
...
httpServletResponse.sendRedirect(timeoutUrl);
httpServletResponse.addHeader("GOTO_TIMEOUT_PAGE",timeoutUrl);
...
BUT if i press the "Test" button on the page nothing happens.. the ajax callback function is not called at all
so i can only
1) do redirect in case of ajax calls
2) do redirect in case of non-ajax calls
but not the combination of both..
another problem is that i only know the
Code: Select all
new PrimeFaces.widget.AjaxStatus('uniqueIdentifier0815').bindCallback('ajaxComplete',function(...
in the case of
Code: Select all
<p:commandButton global="false" ...
so if the combination problem of 1) AND 2) together is solved.. there would stand the question "how to hook up ANY ajax request?"
the questions now are:
how to combine the way 1) AND 2), not only 1) XOR 2)?
how to hook up ANY ajax request on client-side?
is there another way get the sessiontimeout redirect working for normal navigation and ajax-requests with jsf 1.2 (except switch to jsf 2.0 *gg* )?
thank you