即使Ajax推送处于活动状态，JSF会话超时和自动重定向到登录页面也不会吸引用户 [英] JSF Session timeout and auto redirect to login page without user intraction eventhough Ajax push is active

问题描述

我在JSF应用程序中使用Iceface Icepush 来发送一些通知给客户.由于此会话超时，我的应用程序永远不会发生.

I'm using Iceface Icepush in my JSF application to send some notifications to client. Because of this session timeout never happen on my application.

我已指定会话超时15分钟.我的要求是，如果15分钟内没有实际的客户端交互，则服务器应使会话无效.

I've specified session timeout 15 mins. My requirement is, server should invalidate session if there is no actual client interaction for 15 mins.

我在iceface论坛中进行了一些搜索，并在web.xml中添加了此上下文参数

I did some search in iceface forum and added this context param in web.xml

<context-param>
    <param-name>org.icefaces.strictSessionTimeout</param-name>
    <param-value>true</param-value>
</context-param>

也有人在faces-config.xml中指定使用sessionTimeoutMonitor

also someone has specified to use sessionTimeoutMonitor in faces-config.xml

<application>
 <resource-handler>org.icefaces.impl.application.SessionTimeoutMonitor</resource-handler>
</application>

但是没有任何效果.

推荐答案

我通过扩展org.icefaces.impl.application.SessionTimeoutMonitor类编写了自己的超时监视器，效果很好.

I wrote my own timeout monitor by extending the org.icefaces.impl.application.SessionTimeoutMonitor class and this works fine.

public class RWSessionTimeoutMonitor extends  SessionTimeoutMonitor{

private static Logger log = LoggerFactory.getLogger(RWSessionTimeoutMonitor.class);

public RWSessionTimeoutMonitor(ResourceHandler handler) {
    super(handler);
}

@Override
public boolean isResourceRequest(FacesContext context) {
    final ExternalContext externalContext = context.getExternalContext();
    //create session if non-ajax request
    final Object session = externalContext.getSession(!context.getPartialViewContext().isAjaxRequest());
    //if session invalid or expired block other resource handlers from running
    if (session == null) {
        //return false to force JSF to run and throw ViewExpiredException which eventually will be captured
        //and re-cast in a SessionExpiredException
        return false;
    }

    if (!EnvUtils.isStrictSessionTimeout(context)) {
        return getWrapped().isResourceRequest(context);
    }
    Map sessionMap = externalContext.getSessionMap();
    Long lastAccessTime = (Long) sessionMap.get(SessionTimeoutMonitor.class.getName());
    boolean isPushRelatedRequest = EnvUtils.isPushRequest(context);
    if (lastAccessTime == null || !isPushRelatedRequest) {
        lastAccessTime = System.currentTimeMillis();
        sessionMap.put(SessionTimeoutMonitor.class.getName(), System.currentTimeMillis());
    }

    int maxInactiveInterval;

    maxInactiveInterval = ((javax.servlet.http.HttpSession) session).getMaxInactiveInterval();

    if (System.currentTimeMillis() - lastAccessTime > maxInactiveInterval * 1000) {
        sessionMap.remove(SessionTimeoutMonitor.class.getName());
        externalContext.invalidateSession();
        log.info("No user request b/w max interval [{}], session is invalidated." , maxInactiveInterval );
    }

    return super.isResourceRequest(context);
}

}

这篇关于即使Ajax推送处于活动状态，JSF会话超时和自动重定向到登录页面也不会吸引用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！