I also experienced a problem with the session timeout, and if for example the
user clicks on "Edit Profile" after the session times out, you get a
horrible stack trace, instead of a graceful redirect to the login page.
To overcome this, I put the following code in MessageFilter.java:
//redirect to login if session has expired
String username = request.getRemoteUser();
if (username == null){
UrlPathHelper urlPathHelper = new UrlPathHelper();
String path = urlPathHelper.getPathWithinApplication(request);
if (path.contains("mainMenu") || path.contains("signup") ||
path.contains("passwordHint")){
//ignore
}else{
RequestDispatcher rd =
request.getRequestDispatcher("/login.jsp");
rd.forward(request, res);
return;
}
}
In my app, the user isn't required to login to view the mainMenu page, hence
it only redirects for other pages that require a valid user.
mraible wrote:
>
> There is no filter that's responsible for detecting a timeout. You
> could create an HttpSessionListener that listens for deactivation, but
> I don't believe you can actually detect it with a filter and forward
> to a "your session has expired page".
>
> http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpSessionListener.html
>
> Matt
>
> On 4/12/07, VJ22 <[EMAIL PROTECTED]> wrote:
>>
>> Hello Matt...tks for the answer
>>
>> I have specified the same in the web.xml file .... but which filter is
>> responsible for actually detecting a session timeout within Acegi within
>> Appfuse ?
>>
>>
>>
>> mraible wrote:
>> >
>> > It should be specified in web.xml.
>> >
>> > Matt
>> >
>> >
>> > On 4/12/07, VJ22 <[EMAIL PROTECTED]> wrote:
>> >>
>> >> Hello,
>> >>
>> >> Which filter in the acegi security filter chain checks for a session
>> >> timeout
>> >> within the Appfuse configuration ? I am using the default of 30
>> minutes
>> >> in
>> >> the web.xml ?
>> >> I need a bit more flexibility in my logout process and was going
>> through
>> >> the
>> >> maze of configuration files to figure out how the framework handles
>> >> session
>> >> timeouts ?
>> >>
>> >> tks in advance
>> >>
>> >> Rgds...VJ
>> >> --
>> >> View this message in context:
>> >> http://www.nabble.com/session-timeout-tf3564175s2369.html#a9955303
>> >> Sent from the AppFuse - User mailing list archive at Nabble.com.
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> >> For additional commands, e-mail: [EMAIL PROTECTED]
>> >>
>> >>
>> >
>> >
>> > --
>> > http://raibledesigns.com
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: [EMAIL PROTECTED]
>> > For additional commands, e-mail: [EMAIL PROTECTED]
>> >
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/session-timeout-tf3564175s2369.html#a9958216
>> Sent from the AppFuse - User mailing list archive at Nabble.com.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>
>
> --
> http://raibledesigns.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/session-timeout-tp9955303s2369p14437100.html
Sent from the AppFuse - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
