yes. shiro has session listener. http://shiro.apache.org/static/current/apidocs/org/apache/shiro/session/SessionListener.html
On 6 March 2014 09:38, Steve B <[email protected]> wrote: > Hi, > > is there an easy way to detect if a session has expired ? > > I got a sub-class of FormAuthenticationFilter where I override > onAccessDenied and would like to add some additional info on why a 401 is > returned. > > protected boolean onAccessDenied(ServletRequest request, ServletResponse > response) throws Exception > { > ... > // issue 401 > httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED); > } > > I thought about using a session listener, but it is not clear to me where > I should store expiration/stop info. > > > Thanks, > > Steve >
