java/GWT Web 应用程序:如何获取会话超时回调
我们有一个部署在 Tomcat 上的 GWT 应用程序。在服务器上,我们设置了 1 分钟的超时。
httpSession.setMaxInactiveInterval(1*60)
在客户端,我们也设置了一些超时值为 1 分钟的 cookie。 1 分钟后,我们注意到客户端 cookie 已被删除;然而,Servlet 容器(jetty/tomcat)设置的 JSESSIONID 仍然存在于客户端中。
在会话超时时,我们的用户希望我们抛出一个警报/消息对话框来提醒他/她会话已超时,用户应该再次登录服务器。看来我们需要一个客户端超时回调——是否有一个 API 可以调用来设置会话超时回调?
截至目前,如果用户使用过期会话访问服务器,我们会告诉他会话已过期;然而,客户希望我们通过警告用户会话已超时来防止“丢失更改”(不要浪费时间编辑任何客户端数据,然后提交以发现会话已超时 - 丢失更改) !)
还有哪些其他方法可以处理这种情况?
谢谢你,
We have a GWT app that is deployed on Tomcat. On the server, we have set a timeout of 1 minute
httpSession.setMaxInactiveInterval(1*60)
At the client-side, we set a few cookies with a timeout value of 1 minute as well. After 1 minute, we notice that the client-side cookies are removed; However the JSESSIONID set by the servlet container(jetty/tomcat) is still present in the client.
On Session timeout, our user wants us to throw an alert/message dialog to alert him/her that the session has timed out and the user should log in to the server again. It appears that we need a a client-side callback on the timeout -- is there an API that we can call to set a callback on Session Timeout ?
As of now, if the user hits the server with an expired session, we do tell him that the session has expired; However the Customer wants us to prevent "lost changes" by alerting the user that the session has timed out( without wasting time on editing any of the client-side data and then submitting to finding out that the session has timed out -- lost changes!)
What are other ways of dealing with the situation ?
Thank you,
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我们已经完成了 GWT 应用程序,其中用户在会话过期之前收到警告
希望有帮助!
We have done it our GWT application where the users are warned before the session expires
Hope it helps!
要从服务器发送数据,您可以使用 HTML5 Web Sockets 或对于较旧的浏览器,可以使用某种形式Comet。
或者,您可以让 GWT 客户端定期向服务器发送 ping 来检查会话是否仍然可用,但这会导致大量不必要的 HTTP 请求,并且效率会降低。
To send data from the server, you can either use HTML5 Web Sockets or for older browsers, some form of Comet.
Alternatively, you could have your GWT client periodically send pings to the server to check whether the session is still available, but this will result in a lot of needless HTTP requests and will be less efficient.
如果您的应用程序有一个 web.xml 文件,请将其添加到 webapp 部分
这是服务器端会话超时(以分钟为单位)
*编辑 - 因为一些读者似乎迷失了这个想法。
如果用户尝试使用过期会话访问服务器,他们可以按照原始发布者的要求重定向到登录页面。当 cookie 过期时,前端没有理由必须向服务器发送回调。如果用户未发送 sessionID,他们将转到登录屏幕。如果他们向服务器发送的会话 ID 已过期,请将他们发送到登录页面。弹出消息可以在前端处理
If your application has a web.xml file add this to the webapp portion
This is the server side timeout of sessions in minutes
*Edit - since the Idea of this seems to be lost with some readers.
If the user tries to hit the server with an expired session, they can be redirected to the login page as the original poster had asked. There is no reason the front end has to send a callback to the server when the cookie expires. If the user does not send a sessionID, they go to the login screen. If they send a session ID to the server which has expired, send them to the login page. The pop-up message can be handled in the front end