Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 376367

Summary: Improve Session Timeout Responsiveness and Customizability
Product: [RT] RAP Reporter: Austin Riddle <austin.riddle>
Component: RWTAssignee: Project Inbox <rap-inbox>
Status: RESOLVED FIXED QA Contact:
Severity: enhancement    
Priority: P3 CC: niels.lippke, ronald.so
Version: 1.5Flags: a_mergey: juno-
Target Milestone: 2.0 M3   
Hardware: All   
OS: All   
Whiteboard:
Attachments:
Description Flags
Patch that implements a custom timeout page and interval none

Description Austin Riddle CLA 2012-04-09 20:12:08 EDT 
The current session timeout mechanism requires that a request be sent from the client before an error message is obtained. Instead, a session timeout should result in a custom message/timeout page being shown immediately.

I will post a patch that addresses this problem for us. It may not be a good general solution but others may find it useful.
Comment 1 Austin Riddle CLA 2012-04-09 20:48:21 EDT 
Created attachment 213782 [details]
Patch that implements a custom timeout page and interval
Comment 2 Austin Riddle CLA 2012-04-09 20:57:58 EDT 
Sorry, there are apparently there are a few formatting inconsistencies in the patch.

Also, here is an example of usage:

-----------
  Display display = PlatformUI.createDisplay();
  //Used by hack in DisplayLCA to set timeout page.
  //URL Should be an accessible url (perhaps exposed via http registry)
  Display.getCurrent().setData( "org.eclipse.rap.rwt.timeoutPage", TIMEOUT_URL );
  RWT.getRequest().getSession().setMaxInactiveInterval(1800);  //kill session after 30 minutes of inactivity
------------

This code will cause a client session to timeout after 30 minutes.  The client will be redirected to the timeout url.

Hope some will get some use out of this.
Comment 3 Ivan Furnadjiev CLA 2012-04-10 06:30:27 EDT 
(In reply to comment #2)
> Sorry, there are apparently there are a few formatting inconsistencies in the patch.
Apart from the "formatting inconsistencies" there are no JUnit tests. More over, you preserve the "timeoutPage" and "timeoutInterval" properties in the DisplayLCA, but never render them to the client. Are you sure that the patch is complete?
Comment 4 Ivan Furnadjiev CLA 2012-04-10 06:50:44 EDT 
Just a note: There is another enhancement request (bug 292607) for a similar issue.
Comment 5 Arnaud MERGEY CLA 2012-09-03 08:59:53 EDT 
This enhancement request could fix a bug with current session timeout mechanism.
For RAP application with declarative security, after timeout, request sent from the client comes unauthenticated, so the server forward to the login form, and reply it so there is an error page instead of timeout message 

Could not process server response:
Error: SyntaxError: Unexpected token <
  Script: " <title>Login form</title>  ......... [Login form html code] ..... "
 
  Stack: SyntaxError: Unexpected token <
    at Object.parse (native)
    at [object Object]._handleCompleted (http://localhost:8088/semarchy/rwt-resources/rap-client-df2df2ff.js:49396:34)
Comment 6 Ronald So CLA 2013-01-18 11:09:42 EST 
Is this patch available in RAP 1.5?  I have a need for my UI to automatically redirect to a URL when session expires.  Right now, the UI won't present the timeout message until a request being sent from the client.

Thanks.
Comment 7 Ralf Sternberg CLA 2013-01-21 06:25:57 EST 
As of bug 388280, the client is notified immediately in case of a session timeout. Of course, the requires server push to be active.
The redirect option is covered by bug 292607.