web.xml configuration to redirect to login page after session timeout in jsf
Solution 1
Possible answer: Handling ViewExpiredException depending on the current view.
What I'm using is a PrimeFaces - Extensions specific solution called AjaxErrorHandler. Take a look at their showcase for implementation tips.
As far as I know the above configuration will not work for AJAX requests.
Solution 2
Another possible answer: How to redirect to index page if session time out happend in jsf application
Yet another possible answer: Use a JSF PhaseListener
.
Additionaly, I suggest using a Filter
to check if your session is already alive and, if not, redirect to your custom error page (i don't remember where I learnt this method, probably through BalusC):
public class AuthenticationFilter implements Filter {
private FilterConfig config;
public void init(FilterConfig filterConfig) throws ServletException {
this.config = filterConfig;
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
if(((HttpServletRequest) request).getSession().getAttribute("some_attribute_you_store_in_Session") == null){
((HttpServletResponse)response).sendRedirect("yourCustomJSF.jsf");
}else{
chain.doFilter(request, response);
}
}
public void destroy() {
this.config = null;
}
// You also have to implement init() and destroy() methods.
}
Then, you have to declare this filter (and the url patterns that will trigger the filter) in your web.xml:
<filter>
<filter-name>AuthenticationFilter</filter-name>
<filter-class>yourPackage.AuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AuthenticationFilter</filter-name>
<url-pattern>private.jsf</url-pattern>
</filter-mapping>
I store my own bean in my JSF session so I can keep my user information. When the filter receives a null
return while accessing the class, I know the session has been invalidated (maybe because it has expred, or just the user has logged out) and i redirect the request to my error page.
khan
I am a learner Who wants to learn All programming as well as Human Languages ....
Updated on July 20, 2022Comments
-
khan almost 2 years
Is there any configuration in web.xml which redirects the application to login page after sesion expired in JSF.I google it but didn't find any good and simple answer.
I found this but it didn't work.<error-page> <exception-type>javax.faces.application.ViewExpiredException</exception-type> <location>/faces/index.xhtml</location> </error-page>
If there is no configuration for this then how can i do this in JSF?
Thanks -
Darrell Teague almost 10 yearsIf just checking an HttpSession, use this syntax: HttpSession session = request.getSession(false); if (session == null) ... Otherwise it will CREATE a new session. No need for the random session variable.