Reputation: 2678
Have client send periodic fake requests to web server
We are developing a web application which will be deployed to many clients. The application handles sensitive data, so security is necessary.
We are using Spring 4 MVC and Spring Security. Currently I have the session-timeout set up and that works fine, but I need a way for the client to be automatically redirected (client leaves application running and computer unlocked, people passing by would have access).
I was thinking of a way to accomplish this would be to have the client somehow send out periodic (every minute?) fake requests to the server. Maybe just a refresh? This way when the session gets invalidated, the client will automatically get redirected out of the application. I do not know if this is possible, and if it it is, how to implement it. Any suggestions?
Upvotes: 0
Views: 199
Answers (1)
Reputation: 78
You can watch mouse movement, but that's about the best you're going to get for indication of a user still being there without listening to the click event. But there is no way for javascript to tell if it is the active tab or if the browser is even open. (well, you could get the width and height of the browser and that'd tell you if it was minimized) How can I detect with JavaScript/jQuery if the user is currently active on the page?
Upvotes: 1
Related Questions
- How to create a request with indefinitely returns in Spring Boot
- spring async rest client orchestrate few calls
- Sending message to client periodically via Spring Web-Socket
- Polling an Http server (sending http get requests repeatedly) in java
- Mechanism to Constantly Check HTTP Endpoint (every 10 seconds) using Java Spring
- Spring HTTP Client
- Mock server Request
- How to test RESTful web service automatically with random data
- Prevent client repeatedly sending requests
- Fake HTTP Get Requests