1

I ran into the following problem. I have a web application which uses JSF (PrimeFaces 3.4) and Glassfish. I am trying to redirect the user to the login page, when a session timeout occurs. Now I have read a lot about this, and tried a lot of solutions. First I tried writing an ExceptionHandler with no results. After hours of research, I decided to try Omnifaces (1.3-SNAPSHOT) FullAjaxExceptionHandler. Still no result.

While debugging, I noticed, that the handlerfactory is being called correctly, but the UnhandledExceptionQueue is always empty for me. It seems that there is no ViewExpiredException (or any other type of exception) is thrown.

The symptom is always the same: after the session timeout occurs, there is absolutely no response from the server. Only if I reload the whole page, the login page appears, showing that the session is not valid anymore.

Please give me some advice on this, thank you very much!

omniflash
  • 191
  • 1
  • 14
  • Do you have custom filters which control the request/response depending on a session attribute? It might have forwarded/redirected the request in a way which is only valid for synchronous requests. I also wonder if you're describing *"there is absolutely no response from the server"* in enduser's terms or in developer's terms. Have you checked the HTTP traffic? Please post the response headers and body which you found in webbrowser's developer toolset (press F12 in Chrome/IE9/Firebug and check "Network" section). – BalusC Nov 21 '12 at 14:12
  • I have checked the response from the server and it is exactly the xhtml of the login page. So the response is correct, it's only not getting displayed. I did not mention that this is an XHTML request, I don't know if it changes anything. – omniflash Nov 22 '12 at 08:27
  • I noticed that the response is different from what is sent during the session is alive. So there is no or anything like that. Also I have a FORM /app/login.xhtml /app/error.xhtml block in the web.xml. Maybe it has something to do with the problem? – omniflash Nov 22 '12 at 09:56
  • Aha, you're using container managed authentication. That might explain it. Your problem is most likely the same as http://stackoverflow.com/questions/12504131/viewexpiredexception-not-thrown-on-ajax-request-if-jsf-page-is-protected-by-j-se. However, OmniFaces 1.2 should already automatically have covered this. Were you using Mojarra or MyFaces? There turns out to be a problem in handling the ajax response when MyFaces+PrimeFaces is used, which is fixed in 1.3 snapshot 20121121. Can you please give the current 1.3 snapshot a try? – BalusC Nov 22 '12 at 11:08
  • Im using Mojarra. I tried the new 1.3 snapshot, but with no luck. However I modified the and attributes to jsf extension, and now if I click on any button after timeout, an error code 500 exception generates, which is catched by the ExceptionHandler and redirects to the login page (I have added login.jsf as error page for error code 500). This is one step forward, but I'd like to have an automatic redirection after the timeout. I also tried to use the PhaseListener that is used in the link you provided, but the result is unfortunately the same :/ – omniflash Nov 22 '12 at 12:02
  • Oh, the login page was originally not a JSF page at all, this also explains it. But which exception exactly did you got? Automatic redirection after timeout is tricky to implement clientside. You might want to give this approach a try: http://stackoverflow.com/questions/3201991/auto-log-off-once-the-session-expires/3203250#3203250 – BalusC Nov 23 '12 at 17:24
  • Thank you very much for your help BalusC, I needed to move on to other tasks. The session handling now works in an acceptable way. There is no automatic redirection, but if I click somewhere after session timeout, I get redirected due to the error code 500 exception, which is caught during an Ajax request if the session has expired. I will check your link if I have the time, but anyway thank you very much, you helped a lot :) – omniflash Nov 26 '12 at 08:25

0 Answers0