Session management

rbhayani Aug 27, 2008 8:21 PM

Hi All,

Session management problem.

I have added,

<session-config>
            <session-timeout>2</session-timeout>
</session-config>

in my web.xml What I want is that, once the session expires the user must be redirected to login.xhtml. To achieve this I have added the snippet given below in pages.xml

<exception class="javax.faces.application.ViewExpiredException" >
        <redirect view-id="/login.xhtml">
            <message>Your session has timed out, please try again</message>
        </redirect>
    </exception>

When the session times out after 2 minutes and I try to submit any data, it directs me to login.xhtml. However if I just try to browse the other links of the applications it takes me to all those pages showing null data everywhere. I was expecting that this browsing must too redirect the User to login.xhtml and indicate that the session has expired.

How do I achieve this? Am I going wrong some where.

regards,
Raziya

1. Re: Session management

sjmenden Aug 27, 2008 9:31 PM (in response to rbhayani)

I recommend you read: http://in.relation.to/Bloggers/ImplementingGracefulSessionTimeoutWithSeamJSFAndJQuery post back if you have further questions.
Actions

2. Re: Session management

mcoffin Aug 27, 2008 10:30 PM (in response to rbhayani)

Will this work for you:

Ensure your login.xhtml pages is at the top (root) of the web, and the pages you want to secure under /app/ or what ever you want to call it.

pages.xml

    <page view-id="/app/*" login-required="true">
    ...
    ...
    </page>

    <exception class="org.jboss.seam.security.NotLoggedInException">
        <redirect view-id="/login.xhtml">
            <message severity="warn">You must be logged in to use this feature, if you were previously logged in your session may have timed out.</message>
        </redirect>
    </exception>

Go to original post