I use SecurityFilter for doing authentication and it works great. Recently I introduced AJAX components into my application. If I timeout and then do an AJAX request, the AJAX response is the html for my redirected login page. SecurityFilter is detecting the invalid (timedout session) and doing a redirect to my login page. Timeout on non-AJAX requests works as expected and desired. Since SecurityFilter is doing the redirect, the standard mechanism in A4J (the AJAX package I am using), onExpired, is never triggered.
Any suggestions? Am I using SecurityFilter incorrectly?
Thanks!
Rick
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The problem is that there's no mechanism to do redirects for ajax calls, so the filter has do to something that is custom to whatever ajax approach your application has.
It might be beneficial to have some logic in your application client side that does a normal http request if an ajax call fails, which would pick up the login redirect.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I am having the following problem:
I use SecurityFilter for doing authentication and it works great. Recently I introduced AJAX components into my application. If I timeout and then do an AJAX request, the AJAX response is the html for my redirected login page. SecurityFilter is detecting the invalid (timedout session) and doing a redirect to my login page. Timeout on non-AJAX requests works as expected and desired. Since SecurityFilter is doing the redirect, the standard mechanism in A4J (the AJAX package I am using), onExpired, is never triggered.
Any suggestions? Am I using SecurityFilter incorrectly?
Thanks!
Rick
The problem is that there's no mechanism to do redirects for ajax calls, so the filter has do to something that is custom to whatever ajax approach your application has.
It might be beneficial to have some logic in your application client side that does a normal http request if an ajax call fails, which would pick up the login redirect.