Hello All I am working on the gwt-ext application.On the server side I am using Hibernate. I am mantaining session on the server side.it's time out is 5 minute (In action class).
Now take a secenario in which a user logged in & remains it open for five minute.After five minutes expires it do a click on a button on the screen.There is some process on the client side & it is of 2 minutes and after that it goes for a server call.When it go for server call it is already session out (as session time is 5 minutes which is already expired).And a message of session out popped up with redirecting the login page.
In this whole case user feels that I am active on the system (After 5 minutes on the client side actually) so why I am redirected to login page.
Reason behind is that that session is maintained on the server side.And server hit is after seven minutes.
So I am thinking to maitain the session on the client side also.How to achieve this in the gwt based application. Is there any other way to do solve this issue. Thanks to all.
One method would be to check the server regularly, if a timeout has occurred. You would have to write a servlet method which performs that check without renewing the server session timeout! And of course this will result in lots of server hits. (Not necessarily a bad method though!)
But maybe I would use a dfifferent solution, which tries to keep a timer on the client side approximately synchronous with the server's timer, e.g.
Client side:
I assume that your server session timeout gets renewed every time the client performs an interaction with the server, e.g. a GWT-RPC call (if the session hasn't timed out already).
So on the client side, I would then also renew the client timer, in order to keep it roughly synchronous:
Don't forget to call renewSessionTimer() on all interactions (especially directly after login).
Important Note: For all security checks, only use the server session. The client "session timer" is just a convenience for the user. Don't make security/authorization checks dependent on that timer, or on any kind of client session.