I am using angularjs with spring mvc in my application. It is a single page application where there is a login button and multiple tabs. Tabs are not visible unless the user logs in. After user logs in, the tabs will be visible (login button will not be visible) and user can navigate and use features under any tab. The URL of all these actions will be same (Ex: www.xyz.com/context/).
I have problem with session management here. If the session expires when the user is in any of these tabs, say tab no. 3, the page should be reset to initial state where login button is visible and tabs are not.
I have configured spring session management like below
<security:session-management invalid-session-url="/invalidSession">
<security:concurrency-control expired-url="/" />
</security:session-management>
On session expiry, I have spring mvc controller configured to handle it. Like the one below.
@RequestMapping(value="/invalidSession", method = RequestMethod.GET)
public ModelAndView invalidSession () {
ModelAndView model = new ModelAndView("redirect:/");
model.setStatus(HttpStatus.);
return model;
}
Though this method is called on session expiry, the redirect doesn't reset my page to its initial state where only login button is visible. Rather, it stays in the same state in tab no. 3 and all other tabs still visible. If I hit the browser refresh button, it works fine.
I have also tried using model.setStatus(HttpStatus.RESET_CONTENT); in the above controller method, it still doesn't work.
I went through the question in Spring security and angular javascript redirect to login page, but it is bit complicated for my requirement and my requirement is quite simple. I guess we should be able to handle it through session management of spring with appropriate redirect where it resets my page.
How can I achieve this?
Ok. I have taken an angular approach. I have used component ng-idle as outlined in Angular session timeout and management.
Also, I have removed spring session-management tag as ng-idle solves my requirement.