Announcement

Collapse
No announcement yet.
X
  • Filter
  • Time
Clear All
new posts

  • Handling Session timeout in smartgwt application

    Hi Isomorphics,
    Want to implement session timeout functionality in my smartgwt application(smartgwt 6) and but didn't find proper docs for implementation,
    With the help of below links, implemented the session timeout but having two issue

    https://www.smartclient.com/smartgwt...s/Relogin.html
    http://forums.smartclient.com/forum/...ession-timeout


    1)First Once the session is time out, default browser popup is appearing which will ask for username/password
    But i want to reload the page once the session time out. Don't want to show this browser default popup
    2)Inside my application i am opening the one more iframe window for reporting(cognos external server) where it is rendering the response loginRequiredMarker as it is, instead of reloading the application

    Can anyone explain my how to handle both the situation

    Below is the code

    Added session time out in web.xml

    <session-config>
    <session-timeout>10</session-timeout>
    </session-config>


    Added this onModuleLoad method

    RPCManager.setLoginRequiredMarker("loginRequiredMarker");

    RPCManager.setLoginRequiredCallback(new LoginRequiredCallback() {

    @Override
    public void loginRequired(int transactionNum, RPCRequest request,
    RPCResponse response) {
    SC.say("Session time out", new BooleanCallback() {
    @Override
    public void execute(Boolean value) {
    if(value){
    Window.Location.reload();
    }
    }
    });

    }
    });



    Added this code in my host page

    <SCRIPT>//'"]]>>isc_loginRequired
    //
    // Embed this whole script block VERBATIM into your login page to enable
    // SmartClient RPC relogin.


    if (!window.isc && (window.opener != null || window.top != window)) {
    while (document.domain.indexOf(".") != -1) {
    try {
    if (window.opener && window.opener.isc) break;
    if (window.top.isc) break;
    } catch (e) {
    try {
    document.domain = document.domain.replace(/.*?\./, '');
    } catch (ee) {
    break;
    }
    }
    }
    }

    var isc = top.isc ? top.isc : window.opener ? window.opener.isc : null;
    if (isc && isc.RPCManager) isc.RPCManager.delayCall("handleLoginRequired", [window]);
    </SCRIPT>


    And added one servlet which scans for all the request and check for session timeout


    HttpSession session = ((HttpServletRequest) req).getSession(false);

    if(session!=null){
    //do the further operation
    }else{
    String login="loginRequiredMarker";

    ((HttpServletResponse)res).setStatus(Status.SERVER_SESSION_TIME_OUT);
    ((HttpServletResponse)res).getWriter().write(login);
    ((HttpServletResponse)res).flushBuffer();
    }

    And in my datasource transformResponse

    if(response.getStatus() ==SERVER_SESSION_TIME_OUT){
    response.setAttribute(DATA_ELEMENT, response.getHttpResponseText());
    super.transformResponse(response, request, data);
    }

    Is anything i am doing wrong? please suggest

  • #2
    Isomorphic Blama Do you have any idea on this issue?

    Comment


    • #3
      1. what "default browser popup"? Usually there isn't a browser pop-up for authentication unless you are using certification-based authentication.

      1a. Perhaps you are confusing a pop-up from SmartGWT with a browser pop-up? Try showing a screenshot
      1b. does loginRequired fire in this circumstance?

      2. a simple approach is to do some other kind of request to ensure that the session is still active (or to cause the user to log back in, if necessary) before opening the new window

      Comment


      • #4
        Isomorphic
        ​Yes i am using com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm (basic authentication) for authentication,
        Here i have attached the screen shot which shows the browser popup on session time out
        When the first time session timeout happened this popup will come then if i enter the credential it is checking for session timeout in servlet class and then redirecting to login page
        and after that the second time session timeout, it was working fine (directly it will redirect to login page) without any popup
        Attached Files

        Comment


        • #5
          It looks like you may have two forms of authentication checking active simultaneously: HTTP Basic and authentication based on redirecting to a login form. You want to disable the HTTP Basic part as it seems to be interfering with your ability to get to the login page.

          Comment


          • #6
            Hi sameen,

            here is the wiki entry I used for my initial setup.

            Best regards
            Blama

            Comment

            Working...
            X