SessionTimeoutFilter, for executing some logic when your portal session is timedout

If you want to execute some logic when user session times out Ex, some cleanup logic that you want to call when user logs out, then you can implement SessionTimeoutFilter. This filter is called immediately after the session of a user has been destroyed either by an idle timeout or by an invalidation of the session (e.g. due to a mismatch of session and request user). It is not called when the user is logged out properly.

I wanted to try this feature so i did create a simple SessionTimeoutFilter that will print out name of the user who's session is getting timed out. Note that you dont get access to HttpServletRequest object so you will have to pass that name as HttpSession attribute, set it using LoginFilter and then read the name in the SessionTimeoutFilter


package com.webspherenotes.auth;

import java.util.Map;

import javax.servlet.http.HttpSession;

import com.ibm.portal.auth.SessionTimeoutFilter;
import com.ibm.portal.auth.SessionTimeoutFilterChain;
import com.ibm.portal.auth.exceptions.UserSessionTimeoutException;
import com.ibm.portal.security.SecurityFilterConfig;
import com.ibm.portal.security.exceptions.SecurityFilterInitException;

public class SampleSessionTimeoutFilter implements SessionTimeoutFilter{
public void destroy() {
}

public void init(SecurityFilterConfig arg0)
throws SecurityFilterInitException {
}
public void onUserSessionTimeout(HttpSession session, Map map,
SessionTimeoutFilterChain filterChain) throws UserSessionTimeoutException {
System.out.println("Inside SampleSessionTimeoutFilter.onUserSessionTimeout SessionId "
+ session.getId());
System.out.println("Inside SampleSessionTimeoutFilter.onUserSessionTimeout, User Name "
+ session.getAttribute("userName"));
filterChain.onUserSessionTimeout(session, map);
}
}

1 comment: