I am new to JSF and working on session-timeout and based on it redirecting to a logout page. But it is not working properly and showing unusual behavior like, some times it's getting redirected and some times it's not...
Code for web.xml:
<context-param>
<param-name>web.TIME_OUT_PAGE</param-name>
<param-value>/sessionTimeOut.html</param-value>
</context-param>
<listener>
<display-name>SessionTimeoutNotifier</display-name>
<listener-class>test.web.SessionTimeoutNotifier</listener-class>
</listener>
<listener>
<display-name>ViewExpirationListener</display-name>
<listener-class>test.web.ViewExpirationListener</listener-class>
</listener>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
and code for SessionTimeoutNotifier.java:
package test.web;
import java.io.Serializable;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionBindingListener;
import org.apache.commons.lang.exception.ExceptionUtils;
import test.User;
public class SessionTimeoutNotifier implements HttpSessionBindingListener,Serializable
{
private static final long serialVersionUID = 8420390506024648336L;
public SessionTimeoutNotifier(){
}
public void valueBound(HttpSessionBindingEvent event)
{
User user = (User) event.getSession().getAttribute(User.USER);
System.out.println("Session Max Inactive Interval Value:"+ event.getSession().getMaxInactiveInterval());
if (user != null) {
System.out.println("Session ID:"+ event.getSession().getId() + " created for user ID: " + user.getId());
} else {
System.out.println("Session ID:"+ event.getSession().getId() + " created for user ID: UNKNOWN");
}
}
public void valueUnbound(HttpSessionBindingEvent event)
{
User user = (User) event.getSession().getAttribute(User.USER);
System.out.println("Session expired : [" + (user == null ? "Unknown" : user.getId()) + "]");
}
}
and ViewExpirationListener.java Class:
package test.web;
import java.io.IOException;
import java.util.List;
import javax.faces.FacesException;
import javax.faces.application.FacesMessage;
import javax.faces.application.ViewExpiredException;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.faces.event.PhaseEvent;
import javax.faces.event.PhaseId;
import javax.faces.event.PhaseListener;
public class ViewExpirationListener implements PhaseListener {
private static final String TIME_OUT_PAGE_PARAM = "web.TIME_OUT_PAGE";
@Override
public PhaseId getPhaseId() {
return PhaseId.APPLY_REQUEST_VALUES;
}
@Override
public void afterPhase(PhaseEvent event) {
// Do nothing.
}
@Override
public void beforePhase(PhaseEvent event) {
FacesContext facesContext = event.getFacesContext();
List<FacesMessage> iter = facesContext
.getMessageList(ViewExpiredException.class.getName());
List<FacesMessage> msgs = facesContext.getMessageList();
int count = 1;
if (iter.size() > 0) {
handleTimeOut(facesContext);
}
}
private void handleTimeOut(FacesContext facesContext) {
ExternalContext extContext = facesContext.getExternalContext();
String timeOutPage = extContext.getRequestContextPath()
+ extContext.getInitParameter(TIME_OUT_PAGE_PARAM);
try {
extContext.redirect(timeOutPage);
} catch (IOException e) {
throw new FacesException(e);
}
facesContext.responseComplete();
}
}
and still it is not redirecting every-time after inactivity of 30 min. Some times timeout works even at 31st minute and some times session is still active even after 5 hours....
I am not able to understand where I am wrong and what can be done to resolve it..
Thanks in advance for help...