Here is an interesting article: http://www.coldfusionjedi.com/index.cfm/2007/10/8/Ask-a-Jedi-How-can-you-timeout-a-session-in-an-Ajaxbased-application
Now, really, is there a way somewhere in the jQuery API that helps in detecting session timeouts in ajax calls? If there is not I would like to propose one. Normally if you do an ajax request and the session has timed out in the meantime then no matter what you expect to get as a response the response will be something different! You may, get a redirect to the login page or a string or an html page or anything depending on the case. But, it will be different than what you were expecting. One solution would be to send a specific entity back to the ajax caller that means that the session has timed out! For instance you can send back as data the string "session-timeout". This would work, but it would mean that you had to check for this string in each and every ajax call you make. Not nice! What would me much more preferrable is something like that: One should be able to declare a global function that takes care of session timeouts in ajax call. I say global so that one declares it once and then it is called automatically without having to pass it as an argument in every ajax call. This function would take care whatever is needed if ana ajax call fails due to a session timeout, for instance popup a username/password message and renew the session via ajax again! This way we need only provide a way so that the API actually detects the session timeout and then calls this designated function. We could devise some kind of protocol for that. Perhaps when the session times out the server can send a specific message like "session-timeout". Then the API with no interference by the programmer would automatically check every ajax response for that particular string and automatically call the above-mentioned function. Of course the string should be something more complicated than this to work in all cases. But this way the API can provide an integral and overall way for the users to tackle with the session timeouts via the API itself and not code of their own. What do you think..?
