CODEWITHSUNDEEP
jsfrichfacesfacelets
Jinesh
Jinesh

Reputation: 841

Redirecting on session timeout in JSF-Richfaces-facelet

I am using JSF with RichFacecs to create a web portal .I want to redirect the user to the login page on session time out. I was trying to throw a SecurityException in session expiry/logged out stage as follows

<error-page>
    <exception-type>java.lang.SecurityException</exception-type>
    <location>/Login.jsf</location>
</error-page>

But this is not working for me. Which is the right way of handling this ?

Upvotes: 6

Views: 23095

Answers (5)

Greg
Greg

Reputation: 1719

Another solution is to create CustomViewHandler that extends ViewHandler and override restoreView method

@Override
public UIViewRoot restoreView(FacesContext facesContext, String viewId) {
/**
 * {@link javax.faces.application.ViewExpiredException}. This happens only  when we try to logout from timed out pages.
 */
    UIViewRoot root = null; 
    root = parent.restoreView(facesContext, viewId);
    if(root == null) {          
        root = createView(facesContext, viewId);
    }
    return root;
}

Then you need to add it to your faces-config.xml

<view-handler>com.demo.CustomViewHandler</view-handler>

This will prevent you from getting ViewExpiredException's

Upvotes: 0

Oscar Castiblanco
Oscar Castiblanco

Reputation: 1646

you should put a timeout in your web.xml and register a timeout filter as shown in this thread: Auto-logout in JSF Application in case of ajax, your redirection has to be done like that:

    String facesRequestHeader = httpServletRequest
            .getHeader( "Faces-Request" );

    boolean isAjaxRequest = facesRequestHeader != null
            && facesRequestHeader.equals( "partial/ajax" );

    if( isAjaxRequest )
    {
            String url = MessageFormat.format( "{0}://{1}:{2,number,####0}{3}",
            request.getScheme(), request.getServerName(),
            request.getServerPort(), timeoutPath );

            PrintWriter pw = response.getWriter();
                pw.println( "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" );
            pw.println( "<partial-response><redirect url=\"" + url
            + "\"></redirect></partial-response>" );
            pw.flush(););
    }
    else
    {
        httpServletResponse.sendRedirect( timeoutPath );
    }

Upvotes: 4

ghhenadie
ghhenadie

Reputation: 11

I had some problems when I making A4J requests after session expiration. I put this 

<context-param>
    <param-name>com.sun.faces.enableRestoreView11Compatibility</param-name>
    <param-value>true</param-value>
</context-param>

in my web.xml, for me it solves the problem.

Upvotes: 1

pakore
pakore

Reputation: 11497

The solution is to use Richfaces own session expired event.

Add this to the page prone to expire:

<a4j:region>
 <script language="javascript">
 A4J.AJAX.onExpired = function(loc, expiredMsg){
 alert('expired!');
 window.location = "/login.jsf";
 }
 </script>
</a4j:region>

More info can be found at the RichFaces documentation: http://docs.jboss.org/richfaces/latest_3_3_X/en/devguide/html/ArchitectureOverview.html#SessionExpiredHandling

Upvotes: 1

Chris Dale
Chris Dale

Reputation: 2222

This should do it : 

<error-page>
    <exception-type>javax.faces.application.ViewExpiredException</exception-type>
    <location>/sessionExpired.jsf</location>
</error-page>

Upvotes: 7

Related Questions