Geek Answers Handbook

Auto-redirect JSP after session / timeout

Is there a way to determine the session timeout without (user interaction) * and redirect it to some page; those. if there is no activity on the @ page; the server detects it and automatically redirects it to another.

By user interaction, I mean; there is a way to determine the session timeout when the user clicks on something, then some request is sent to the server, and then the server checks whether the current user session has expired or not.

I need that we do not tell the server anything (or we do not perform any actions), but when the session expires, the server automatically detects it and performs the required action.

Thanks, Times

+6
source share
4 answers

Of course, you can do this in JavaScript by executing a keyboard and / or mouse listener for the entire document and a periodic timeout method.

var timeOut = 1000 * 60 * 30; // 30 minutes
var lastActivity = new Date().getTime();
var checkTimeout;
checkTimeOut = function(){
    if(new Date().getTime() > lastActivity + timeOut){
        // redirect to timeout page
    }else{
        window.setTimeout(checkTimeOut, 1000); // check once per second
    }
}

now your global listeners just need to set lastActivity to the current time for each action.

When re-reading the question, you want to use the actual session timeout from the application server. This is tricky because when you send ajax requests to the server, you cannot actually end the session (unless there is a hard limit), so my answer may be the best way to do this.

+3
source

( ) , :

,

<%
int timeout = session.getMaxInactiveInterval();
response.setHeader("Refresh", timeout + "; URL = login.jsp");
%>

, , , / login.jsp( URL-)

( - )

(timedoutRedirect.jsp) , , " JSP" ( web.xml)

<jsp-property-group>
        <display-name>all jsp</display-name>
        <url-pattern>/users/*</url-pattern>
        <include-prelude>/timedoutRedirect.jsp</include-prelude>           
</jsp-property-group>

(, URL- )

+7

, ...

javascript. ajax ( , , ), .

, ( , ). , , session.invalidate(), ajax-, . reset , - , (.. , ..)

0

, Spring-MVC Spring-Security, .

  • AJAX
  • /

. autologout

.

1. / . , 10 000 .
2. .
3. , .
4. , 30 , , , ( ). , .

1. JSP, .

    ....
    </body>
    <jsp:include page="../template/autologout-script.jsp"></jsp:include>
</html>

2. JSP, autologout-script.jsp . . / .

<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>

<script>
$(document).ready(function()
{
    var timeOutTimeInSeconds = ${ timeOutTimeInSeconds }; 
    var showTimerTimeInSeconds= ${ showTimerTimeInSeconds };

    var sessionCheckIntervalId = setInterval(redirectToLoginPage, timeOutTimeInSeconds * 1000);
    var timerDisplayIntervalId = setInterval(showTimer, (timeOutTimeInSeconds - showTimerTimeInSeconds) * 1000);
    var badgeTimerId;
    window.localStorage.setItem("AjaxRequestFired", new Date());

    function redirectToLoginPage(){
        //location.href =  '<c:url value="/" />'+'${loginPageUrl}';
        window.location.reload();
    }

    $(document).ajaxComplete(function () {
        resetTimer();
    });

    $(window).bind('storage', function (e) {
         if(e.originalEvent.key == "AjaxRequestFired"){
             console.log("Request sent from another tab, hence resetting timer")
             resetTimer();
         }
    });

    function resetTimer()
    {
        showTimerTimeInSeconds= ${ showTimerTimeInSeconds };

        console.log("timeOutTimeInSeconds : "+timeOutTimeInSeconds)
        window.localStorage.setItem("AjaxRequestFired", new Date());

        window.clearInterval(sessionCheckIntervalId);
        sessionCheckIntervalId = setInterval(redirectToLoginPage, timeOutTimeInSeconds * 1000);

        window.clearInterval(timerDisplayIntervalId);
        timerDisplayIntervalId = setInterval(showTimer, (timeOutTimeInSeconds - showTimerTimeInSeconds) * 1000);

        hideTimer();
    }

    function showTimer()
    {
        $('#sessionTimeRemaining').show();
        $('#sessionTimeRemainingBadge').html(showTimerTimeInSeconds--);
        window.clearInterval(timerDisplayIntervalId);
        badgeTimerId = setInterval(function(){
            $('#sessionTimeRemainingBadge').html(showTimerTimeInSeconds--);
        }, 1000);
    }

    function hideTimer()
    {
        window.clearInterval(badgeTimerId);
        $('#sessionTimeRemaining').hide();
    }
});
</script>

3. . . sessionCreated HttpSessionListener .

session.setMaxInactiveInterval(300);

session.setAttribute("timeOutTimeInSeconds", 300);
session.setAttribute("showTimerTimeInSeconds", 30);

4. HTML .
: , CSS. , .
CSS.

<span class="badge badge-primary" title="click to keep session alive" id="sessionTimeRemaining" 
    onclick="ajaxSessionRefresh()" style="display:none;">
    <i class="badge badge-danger" id="sessionTimeRemainingBadge" style="float:left">30</i>
     &nbsp; 
     <small>Refresh</small>
     <i class="glyphicon glyphicon-refresh"></i>
</span>

enter image description here

. github
Autologout
Autologout Java Spring-Security
Autologout Spring-Security XML

1:
, maxInactiveInterval. - .
2: AJAX
, AJAX, .ajaxStart() .ajaxComplete() jquery, ajax .
3: /
Intertab . localStorage .

/
1. , , AJAX . , .
2. ajaxStart() ajaxComplete() idleTime .


1. Jquery

1. http. ( AJAX)

response.setHeader("Refresh", "60; URL=login.jsp");
  1. meta meta HTML ( AJAX)
<meta http-equiv="refresh" content="60; url=login.jsp">
  1. AJAX. -.
    , . .
    • , 2 50 000 . 100 000 .
    • , , , , . ( )
    • Force Logout Approach This client dominates the server to terminate the session.
0
source

More articles:


All Articles