voyent
Session Expiry and RedirectFilter  XML
Forum Index -> General Help
Author Message
MichaelBreu

Joined: 17/Aug/2011 10:08:42
Messages: 19
Offline


Hello,

I'm experiencing a problem with session timeouts:


Due to some specific security requriements, we have to handle page access control not via J2EE <security-constraints>, but through an explicit Security Servlet-Filter that checks whether the user has the approriate access rights.

If not, the user is redirected to a login-page.

This works perfect in standard J2EE-applications, however with ICE-Faces / Ajax it seems no create problems:

Pushing a Button after Session expiration, causes the Security-Filter to redirect (http-Status 307) the java-script-Request to the internal login-page, which seems to be misinterpreted by the calling java-script. The page get's stuck.

The logfile shows this problem:

[code]
2011-10-28 13:20:19,965 DEBUG [XXX.login.servlet.filter.SecLoginFilter] - access to protected resource 'XXX_Plattform_WebApp/faces/ui/admin/StatusMaintenance.xhtml' requires authentication.

2011-10-28 13:20:19,965 DEBUG [XXX.login.servlet.filter.SecLoginFilter] - serviceAuthorizeRequest() - redirect to: https://localhost:8443/XXX_Plattform_WebApp/faces/login/login.xhtml?faces-redirect=true&redir=%2FXXX_Plattform_WebApp%2Ffaces%2Fui%2Fadmin%2FStatusMaintenance.xhtml
[/code]

My expectation would have been, that ICEFaces could deal with this situation, but it seems not.

I have no clue, how to resolve this problem.

Any hint is appreciated.

Michael
 
Forum Index -> General Help
Go to:   
Powered by JForum 2.1.7ice © JForum Team