Announcement Announcement Module
Collapse
No announcement yet.
How can I handle ajax request when session timeout using spring security 3.1 Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How can I handle ajax request when session timeout using spring security 3.1

    Hi,

    I am using Spring 3 with Spring Security 3.1.
    Now I want to handle the session timeout when using ajax.

    Does anyone have a good solution on this?

    Following is the one I am using but has problem. Could anyone kindly help have a look?

    Thanks alot

    ================================================

    On my page, I use ajax to submit request.

    $.ajax({
    type: 'POST',
    url: a,
    beforeSend: function(xhr) {
    xhr.setRequestHeader("X-AjaxRequest", "1");
    },
    data: $(this).serialize(),
    success: function(data) {
    ...
    },
    complete: function(xhr) {
    if (xhr.status == 601) {
    window.location.reload();
    }
    }
    });


    In spring security configuration file:
    <http auto-config="false" access-denied-page="/accessdeny.htm" use-expressions="true" entry-point-ref="authenticationEntryPoint">
    ...
    <session-management invalid-session-url="/Login.jsp?login_error=2" />

    <logout invalidate-session="true" logout-success-url="/Login.jsp" />
    </http>


    <beans:bean id="authenticationEntryPoint" class="my.AjaxAwareAuthenticationEntryPoint"
    p:loginFormUrl="/Login.jsp"/>


    my.AjaxAwareAuthenticationEntryPoint.class:
    public class AjaxAwareAuthenticationEntryPoint extends LoginUrlAuthenticationEntryPoint
    {

    @Override
    public void commence(HttpServletRequest arg0, HttpServletResponse arg1,
    AuthenticationException arg2) throws IOException, ServletException
    {
    System.out.println("in AjaxAwareAuthenticationEntryPoint");

    System.out.println("header = " + arg0.getHeader("X-AjaxRequest"));

    if (arg0.getHeader("X-AjaxRequest") != null && arg0.getHeader("X-AjaxRequest").equals("1")) {
    arg1.sendError(601, "");
    }
    else
    {
    super.commence(arg0, arg1, arg2);
    }

    }
    }


    =============================
    When I run it and let it timeout, then click the submit which use ajax, my browser shows:
    HTTP Status 601 -
    type Status report
    message
    description http.601
Working...
X