How can i redirect user after session timeout? I have found some solutions but my problem is a little different. I got only one page and when the user clicks a button after timeout, he will be redirected to login page. Is there any solution?
web.xml
<session-config>
<session-timeout>
1
</session-timeout>
</session-config>
set session timeout in your web.xml - and config spring secruity as you want it.
Related
Currently I have added this in my web.xml
<session-config>
<session-timeout>1</session-timeout>
</session-config>
But after one minute session is not getting expired,
I don't know whats wrong can anyone let me know where i'm doing wrong
I am working with primefaces 3.4 and JSF 2.0.4, I´ve set up the session to be over in 30 minutes in web.xml
<session-config>
<session-timeout>30</session-timeout>
</session-config>
And i have an iddleMonitor set up to show up in 25 minutes, however, suddenly the session gets lost, and iddlemonitor does not show up, and the application does not work,
Anybody has face this problem? any solution?
In my WAR's web.xml, I added the following XML tags:
<session-config>
<session-timeout>1</session-timeout>
</session-config>
Although I've done that, the session doesn't timeout after 1 minute. I registered a HttpSessionListener to monitor the session creation\destruction:
<listener>
<listener-class>my.listener.SessionListener</listener-class>
</listener>
...and only the session-creation indicator method is called when a session is created, but the session-destruction method isn't called after one minute as expected, yet its called after 20 minutes though, which is the default timeout duration in OC4J.
How can I change this default behavior ?!
I have following configuration in web.xml in tomcat 7. I am wondering if I can add any configurable parameter here, so that if user tries to do any operation post 30 minutes, I redirect the user to our home page.
<session-config>
<session-timeout>30</session-timeout>
<cookie-config>
<domain>mydomain.mycompany.com</domain>
<http-only>true</http-only>
<secure>false</secure>
</cookie-config>
<tracking-mode>COOKIE</tracking-mode>
</session-config>
This is probably not possible by configuration only. You will have to add a filter aswell. One way of doing that is described here: https://stackoverflow.com/a/1027592/3417638
If you would like to configure the redirect in web.xml, this can be done by using a context-parameter, see: https://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Context_Parameters
I am using JBoss 7 and I have configure my session config in web.xml as follows:
<session-config>
<session-timeout>240</session-timeout>
<http-only>true</http-only>
</session-config>
However, in my servlet, i am getting a nullpointerexception when I try to retrieve the current session as follows:
request.getSession(false);
Am I missing anything?
That seems correct per the documentation.
Snippet:
Returns the current HttpSession associated with this request or, if there is no current session and create is true, returns a new session.
If create is false and the request has no valid HttpSession, this method returns null.
After looking again at your web.xml snippet, it's not quite correct. The <http-only/> is not part of the <session-config/>. Move it into <cookie-config/> as per the following:
<session-config>
<session-timeout>240</session-timeout>
<cookie-config>
<http-only>true</http-only>
</cookie-config>
</session-config>