aspose file tools*
The moose likes Security and the fly likes Siteminder session timeout - AJAX response issue Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Siteminder session timeout - AJAX response issue" Watch "Siteminder session timeout - AJAX response issue" New topic
Author

Siteminder session timeout - AJAX response issue

Girish Vasmatkar
Ranch Hand

Joined: Apr 24, 2008
Posts: 199
Hi All,

I have an application which is based on JSF framework. The application uses siteminder for security implementation.
Siteminder intercepts the request and if session times out, stores the request, and redirects to login page. After successful authentication, user is redirected to the page where session timed out.

This is working fine except for AJAX requests. If, an AJAX request was fired by JSF, and siteminder intercepted the request and session has already timed out, siteminder stores this request and hence after successful login, throws the user to the AJAX URL and hence the response which is an XML response, is shown on the browser.

So, basically, an XML is shown on the browser which actually is an AJAX response.

Is there any way I can handle this through JSF or some changes in siteminder configuration are needed. I do not have access to the siteminder.

I was searching on Google and found a URL describing the same issue. But the guy did not get any response. I am facing the exact issue.

http://community.jboss.org/thread/164287
Girish Vasmatkar
Ranch Hand

Joined: Apr 24, 2008
Posts: 199
Anybody's got any input on this ? I am wondering I am unable to find anything on this on Google, for it should be a pretty common problem (Even if siteminder is not used and custom login implementation is done and user is redirected to the original page using this -)



If a custom implementation is done, I may strip off the query string part and store the request URI, but with siteminder, I don't find anything after Google search.
ozay duman
Greenhorn

Joined: Jan 22, 2012
Posts: 2

i have a web application that uses j_security_check for login purpose.
when session of a user time outs it is redirected to last accessed source (such as xml,html page or amf). My aim is to enable to user to redirected to the same resource(page) after login. I solved this problem by makig ajax call when submit button pressed. Here is my solution






ozay duman
Girish Vasmatkar
Ranch Hand

Joined: Apr 24, 2008
Posts: 199
Since, I am working with JSF, I do not have this option. Moreover, every single request is intercepted by siteminder, and after the authentication, the same request is fired by siteminder and hence I see XML being printed on the browser (if it was an AJAX request initiated by a4j component).
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Siteminder session timeout - AJAX response issue
 
Similar Threads
siteminder logout problem
Session Time out problem
Problem in siteminder logoff
What does IE 8 Cache?
Siteminder Timeout Overriding Weblogic Timeout