Jump to content

Session Timeout Redirection


Recommended Posts

Hi everyone,

I am joining this post because I would like also to make a redirection to an external Application when session timeout happens using the community version (version 5.2) of JasperReports Server.

In my application, internal users can log in using the Jasper login page and external users can also be autheticated by sending a custom request to the Jasper server application.  I have a custom filter that extends BaseAuthenticationProcessingFilter and this filter processes this two request format.

When a external user log out, he is redirected to my external Application. For doing that, I have created a file which name starts with applicationContext-externalAuth and I have added   externalAuthProperties (see below) to my externalUserSetupProcessor which is used by my externalDataSynchronizer.

    <bean id="externalAuthProperties"class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthProperties">        <!-- external logout url. If specified, logout will redirect to that address. -->        <property name="logoutUrl" value="http://localhost:8080/myExternalApp"/>    </bean></pre>[/code]

Redirection on logout works fine. But now I would like my external user to be redirected to my external app when session timeout happens.

My attempts to redirect on session timeout

1) I tried to add ConcurrentSessionFilter bean specifying ist expired-url property withe the URL to my external application. But this did not work.

2) I also tried to assign the URL to my external application to the internalAuthenticationFailureUrl property of my Filter. Then when a session timeout happens, my Jasper application get stuck on the page jasperserver/flow.html/?flowid = searchflow. There is a loading popup  that seems to run in a infinite loop because it nevers disappeared. But If I refresh the page with the refresh button of my web browser, I get redirected to my external application.

3) I have also tried to assign another Jasper page to the internalAuthenticationFailureUrl property of my Filter (/exituser.html instead of /login.html?error=1). Then I added a javax.servlet.Filter that maps on the URL /exitiuser.html and which in its doFilter() method should redirects to my external application using

((HttpServletResponse) response).sendRedirect(targetUrl);[/code]

But this also does not work because I have exactly the same problem as with the previous attempt described above.


A) I saw the following in the file jasperserver-servlet.xml

    <!-- basic exception resolver for jasperserver application -->    <bean id="exceptionResolver"  class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">        <property name="exceptionMappings">            <props>              <propkey="org.springframework.security.AccessDeniedException">modules/system/AccessDeniedPage</prop>                <prop key="org.springframework.webflow.execution.repository.NoSuchFlowExecutionException">                    modules/system/sessionExpiredErrorPage</prop>                <prop key="java.lang.Exception">modules/system/errorPage</prop>            </props>        </property>    </bean>[/code]

The modules/system/sessionExpiredErrorPage does not seem to be used. Do you know how can I use it so the JSP page sessionExpiredErrorPage could be displayed (Then I will try to make a redirection to my external application using a servlet).

I saw the following in the class com.jaspersoft.jasperserver.war.control.SystemErrorController

    /**     * Handles 404 error (page not found error).     *     * @param req the request.     * @param res the response.     *     * @return model and view.     */    public ModelAndView handle404(HttpServletRequest req, HttpServletResponse res) {        return new ModelAndView("modules/system/404");    }[/code]

If I add a similar method that returns the ModelAndView described below, would it be enough ?

return new ModelAndView("sessionExpiredErrorPage")[/code]


Link to comment
Share on other sites

  • 2 weeks later...
  • Replies 5
  • Created
  • Last Reply

Top Posters In This Topic


Have you found something new about this problem?

I would like to know if eventually some patches or new versions are going to be released in the future to fix this bug.

Also I would like to ask you, if you knew in which class the redirection to an external url on user session logout is implemented ?

To be more precise, I am talking about the class that implements the following:

    <bean id="externalAuthProperties"
        <!-- external logout url. If specified, logout will redirect to that address. -->
        <property name="logoutUrl" value="http://localhost:8080/myExternalApp"/>

Thanks in advance,

Link to comment
Share on other sites

  • 5 years later...
  • 4 years later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...