Thank you, but this isn't sufficient by itself. I'm using Acegi for security, which uses a filter to authenticate before my app receives control. Therefore, by the time the phase listener can execute, Acegi has already created a new user object for me, so I can't detect the timeout.
I have a servlet filter in place to do a redirect to a 'home' page in case of timeout. That works, but PPR requests still do not. This listener seems like the right idea though. I want to fire an arbitrary navigation rule when a timeout is detected. I simply cannot detect it by checking for the non-existence of a user object. I also tried having it check for the presence of an invalid session id in the request (what my servlet filter does), but Acegi apparently also fixes that too. Ideas? -----Original Message----- From: William Hoover [mailto:[EMAIL PROTECTED] Sent: Thursday, March 29, 2007 5:43 PM To: [email protected] Subject: RE: ADFFACES-37 (PPR and timeout) Daniel, Here is a solution to your problem. This will redirect the client back to your login page event when it is a PPR. In faces-config.xml: <lifecycle> <phase-listener>org.nemours.estore.ui.filter.LoginPhaseListener</phase-l istener> </lifecycle> In LoginPhaseListener: public class LoginPhaseListener implements PhaseListener { /** * @see javax.faces.event.PhaseListener#afterPhase(javax.faces.event.PhaseEvent) */ public void afterPhase(PhaseEvent pPhaseEvent) { log.debug("afterPhase:" + pPhaseEvent.getPhaseId()); } /** * @see javax.faces.event.PhaseListener#beforePhase(javax.faces.event.PhaseEvent ) */ public void beforePhase(PhaseEvent pPhaseEvent) { log.debug("beforePhase:" + pPhaseEvent.getPhaseId()); if (pPhaseEvent.getPhaseId() == PhaseId.RENDER_RESPONSE) { FacesContext facesContext = pPhaseEvent.getFacesContext(); log.debug("source:" + pPhaseEvent.getSource().toString()); HttpSession httpSession = (HttpSession) facesContext.getExternalContext().getSession(false); String requestURI = ((HttpServletRequest)facesContext.getExternalContext().getRequest()).get RequestURI(); if ((!requestURI.endsWith("login.jsf")) && (requestURI.endsWith(".jsf"))) { AppUser user = (AppUser) httpSession.getAttribute(LOOKUP_SESSION_USER); if ((user == null) || (user.equals(""))) { facesContext.getApplication().getNavigationHandler().handleNavigation(fa cesContext, "loginAction", "failure"); } } } } /** * @see javax.faces.event.PhaseListener#getPhaseId() */ public PhaseId getPhaseId() { return PhaseId.ANY_PHASE; } } -----Original Message----- From: Daniel Hannum [mailto:[EMAIL PROTECTED] Sent: Thursday, March 29, 2007 3:19 PM To: [email protected] Subject: ADFFACES-37 (PPR and timeout) Hi, I'm curious if any more thought has gone into the timeout issue with PPR (ADFFACES-37). It's still a problem. If the session times out and and PPR request is (I believe) sent to the login page. But the browser doesn't display it and the user has no way of knowing. They just get a page that doesn't update. Are there workarounds? Thanks. Dan
