0

Following code in my WebFilter:

private final String sessionExpiredPage = "/exception/sessionexpired.xhtml";

private final String loginPage = "/login.xhtml";

@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
        throws IOException, ServletException {
    try {

        final HttpServletRequest req = (HttpServletRequest) request;
        final HttpServletResponse res = (HttpServletResponse) response;
        final HttpSession session = req.getSession(false);

        final String reqURI = req.getRequestURI();

        if (isRequireSessionControl(req) && isSessionInvalid(req)) {
            res.sendRedirect(req.getContextPath() + sessionExpiredPage);
        } else {

            if (reqURI.indexOf(sessionExpiredPage) >= 0 || reqURI.indexOf(loginPage) >= 0 || (session != null
                    && session.getAttribute("username") != null) || reqURI.contains("javax.faces.resource")) {
                chain.doFilter(request, response);
            } else {
                res.sendRedirect(req.getContextPath() + "/login.xhtml");
            }
        }
    } catch (final Exception e) {
        e.printStackTrace();
    }
}

The idea behind it is the following: For the first time the user calls the url, he will be redirected to login.xhtml. That works good. After a period of time, which is defined in the in web.xml, the session goes invalid.

The filter recognizes the invalid session an tries to redirect to "sessionExpiredPage". But it won't redirect, the current page will be displayed instead.

So, whats wrong with my code, where do i have the error in my mind?

piet
  • 376
  • 1
  • 5
  • 17

1 Answers1

0

This my own answer to my question to all of them who are interested in. The problem was the ajax request of course and the solution is simple:

I just needed a check if it is a Ajax request like:

final String facesRequest = request.getHeader("Faces-Request");
if (facesRequest != null && facesRequest.equals("partial/ajax")) {
    //it is
}

and then return the following xml part:

final StringBuilder sb = new StringBuilder();
sb.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?><partial-response><redirect url=\"").append(req.getContextPath() + sessionExpiredPage).append("\"></redirect></partial-response>");
                res.setHeader("Cache-Control", "no-cache");
                res.setCharacterEncoding("UTF-8");
                res.setContentType("text/xml");
                final PrintWriter writer = res.getWriter();
                writer.println(sb.toString());
                eriter.flush();

Thats it and it works like a charm.

piet
  • 376
  • 1
  • 5
  • 17