Handle expired session

**shaiju** · Aug 20th, 2008, 10:58 PM

Hi ,
I am using spring mvc 2.5 and annotaton based.
Can anybody advice me what is the best approch for handling the expired http session and redirecting teh user to login page with valid error message?

In my controller I use

Code:

@Controller
@SessionAttributes ({"user","dmsUser"})
@RequestMapping("/userDetails.do")
public class UserController {

===========================

and handler method
@RequestMapping(method = RequestMethod.GET)
  public String setUpForm(@RequestParam("userId")
  String userId, @ModelAttribute("user")
  DMSUser user, Model model) {

    logger.info("Loading User details");
    String forward = "";
    if(userId==null||Integer.parseInt(userId)==0){
      if (user == null || user.getPermissions().get("manageuser") < 2) {

        model.addAttribute("message", "unauhorized operation");
        return "dmsHome";
        
      }
      else{
        model.addAttribute("dmsUser", new DMSUser());
        model.addAttribute("roles", userService.getRoles());
        return "dmsUserDetails";
      }
      
    }


......

I am getting
org.springframework.web.HttpSessionRequiredExcepti on: Session attribute 'user' required - not found in session
Once the session expired

Thanks in advance
Shaiju

**Marten Deinum** · Aug 20th, 2008, 11:14 PM

Either write a ServletFilter or HandlerInterceptor that check if there is a session and if there is a valid user. If not redirect to login page.

However that still leaves you with another problem, everything that was in the session isn't there anymore (the expired session is destroyed). So you probably run into other issues next.

**shaiju** · Aug 21st, 2008, 04:05 AM

Can I annotate the controller to use an Interceptor,is there a way?
Also I am using WebBindingInitializer as follows

Code:

class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
		<property name="webBindingInitializer">
			<bean
				class="com.scientia.dms.commons.util.DMSBindingInitializer" />
		</property>

So when I try to configure interceptors here ,it thows exception saying invalid property "interceptors".

Please advice

Shaiju

**Marten Deinum** · Aug 21st, 2008, 05:34 AM

You cannot set a interceptor on the AnnotationMethodHandlerAdapter, you can set it on the DefaultAnnotationsHandlerMapping

**shaiju** · Aug 21st, 2008, 06:30 AM

So if I want to configure both the webBindingInitializer and the interceptor ,
I need to have two different Handler mappings?

**Marten Deinum** · Aug 21st, 2008, 08:26 AM

No. You need a

- DefaultAnnotationHandlerMapper
- AnnotationMethodHandlerAdapter

Which are 2 different things. 1 is used for mapping urls to a controller, the other one is used for executing the correct method.

Thread: Handle expired session

Thread Tools

Display

Handle expired session

Posting Permissions