I'm using Websphere Portal 8 with Primefaces 3.5. The requirement is that when the session times out, the user is redirected to a session timeout page which has a button on it that when clicked takes the user back to the login page. The login page contains a portlet as does the Session Timeout page - both are within the same portlet application. I am redirecting to the session timeout page successfully using an ImplicitLogoutFilter:
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, FilterChainContext filterContext, LogoutFilterChain chain) throws LogoutException, LoginException {
chain.logout(request, response, filterContext);
if (filterContext.getRedirectURL() != null) {
if (logger.isLoggable(Level.FINEST)) {
logger.logp(Level.FINEST, CLASS_NAME, MethodName.LOGOUT, "Redirecting to session timeout page: " + SESSION_TIMEOUT_PAGE_URL);
}
filterContext.setRedirectURL(SESSION_TIMEOUT_PAGE_URL);
}
}
The portlet on the session timeout page contains a button which calls a portlet action that redirects to the login page:
public void navigateToPortalPage(String pageUniqueName) throws RpmPortalException {
final String methodName = "navigateToPortalPage";
RpmPortalPage portalPage = getNavigationManager().getPortalPage(pageUniqueName, getPortletRequest(), getPortletResponse());
try {
FacesContext context = getFacesContext();
if (context != null) {
context.getExternalContext().redirect(portalPage.getUrl());
context.responseComplete();
}
} catch (IOException e) {
RpmExceptionUtils.logAndThrowException(CLASSNAME, methodName + "(" + pageUniqueName + ")", RpmErrorCode.RPM_CONFIG_00004, getLoggedinUser(), e);
}
}
However, when the button is clicked instead of going to the login page, a ViewExpired exception is thrown instead. This exception is handled by an exception handler which handles exceptions, redirecting to an error page and displaying an error to the user.
My question is how do I avoid the ViewExpired Exception after the session has expired as I just want to be able to redirect to the login page without the ViewExpiredException occurring in this case,
Thanks in advance for your help
My question is how do I avoid the ViewExpired Exception after the session has expired as I just want to be able to redirect to the login page without the ViewExpiredException occurring in this case
Just specify the login page as error page of ViewExpiredException.
<error-page>
<exception-type>javax.faces.application.ViewExpiredException</exception-type>
<location>/login.xhtml</location>
</error-page>
(this assumes that you've mapped faces servlet on *.xhtml, otherwise alter accordingly)