Handling expired session gracefully

**breaux** · May 4th, 2011, 12:23 PM

I've searched, so I apologize if I'm missing the answer somewhere.

When the HttpSession has expired and the user re-submits a page in the flow, he/she is sent back to the beginning of the flow. All I want to add to this behavior is a message explaining why it occurred. "You were inactive, so you have been restarted..."

What's the easiest/best-practice way to do this?

Similar question for replaced executions or snapshots. Global on-exception transition for FlowExecutionRestorationFailureException with EL to put a message on some scope?

Thanks for assistance.

**breaux** · May 12th, 2011, 09:59 AM

Anyone? Please?

**jimmyjones** · May 12th, 2011, 10:31 AM

I have exactly the same requirement.

I too would appreciate any ideas.

**breaux** · Jun 8th, 2011, 04:48 PM

Is there even a place where I could check for session.isNew()? By the time I hit my JSP (under Tiles), it is no longer new :-(

${pageContext.session.new}

**saurabhsolutions** · Jun 10th, 2011, 05:21 AM

i have got a solution to this problem.
We can use a javascript (Countdown.js)
that takes in ${pageContext.session.maxInactiveInterval}
and after time ends it shows the message

**saurabhsolutions** · Jun 13th, 2011, 01:58 AM

Can you please tell me how did you manage logout in this

**breaux** · Jun 14th, 2011, 09:30 AM

Originally Posted by breaux

${pageContext.session.new}

That wouldn't work anyway, duh. Wouldn't be able to distinguish new-new from timed-out-new.

**breaux** · Jun 14th, 2011, 02:53 PM

All I could come up with for now is a simple filter that redirects to a separate page. I imagine I could have gotten something on a scope the flow would understand, but because of the SWF redirect behavior, it was going to take multiple steps to do it, so I settled for this.

Basically:

Code:

        if (request.getRequestedSessionId() != null && !request.isRequestedSessionIdValid())
        {
            log.info("Expired Session ID: " + request.getRequestedSessionId());
            response.sendRedirect("sessionExpired");
        }
        else
        {
            chain.doFilter(request, response);
        }

**breaux** · Jun 14th, 2011, 05:10 PM

Code:

public class SessionExpiredInterceptor extends HandlerInterceptorAdapter
{
    private String redirectLocation = "sessionExpired";

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
        Object handler) throws Exception
    {
        if (request.getRequestedSessionId() != null && !request.isRequestedSessionIdValid())
        {
            response.sendRedirect(redirectLocation);
            return false;
        }

        return true;
    }

    public String getRedirectLocation()
    {
        return redirectLocation;
    }

    public void setRedirectLocation(String redirectLocation)
    {
        this.redirectLocation = redirectLocation;
    }
}

**breaux** · Apr 18th, 2013, 09:05 AM

FYI also posted to Stack Overflow. No answers there so far, except my own conclusions already reflected in this thread.

Thread: Handling expired session gracefully

Thread Tools

Display

Handling expired session gracefully

Used a filter

Or an Interceptor

Tags for this Thread

Posting Permissions