| javascript (rap-client) error on login page after session time out [message #1739931] |
Fri, 05 August 2016 18:02  |
 Tass Burrfoot
Messages: 19
Registered: April 2015 |
Junior Member |
|
|
Hello
My application is running on jetty, with a login page written in login servlet:
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
resp.getWriter().append(getContent());
}
Method getContent() creates the static content of the login page in a normal way.
The logout logic is handled in this way
private void handleLogout() {
HttpSession session = RWT.getUISession().getHttpSession();
String script = MessageFormat.format("window.location.href = \"{0}\";", getUrl()+"/login");
Client client = RWT.getClient();
JavaScriptExecutor executor = client.getService( JavaScriptExecutor.class );
if( executor != null ) {
executor.execute(script);
}
invalidate(session);
}
I also have a redirect servlet which redirects to the login page in case the request url is context path root "/".
The problem is after session time out, the firefox browser displayed the login page with plenty of javascript error messages coming from rap-client.js. See attachment for the screenshot.
This error only occurred after session time out. Regular login/logout does not have this problem. Where is this rap-client.js and how to clean the error on the page? Thanks
[Updated on: Mon, 15 August 2016 21:51] Report message to a moderator |
|
|
|
| Re: javascript (rap-client) error on login page after session time out [message #1740066 is a reply to message #1740046] |
Mon, 08 August 2016 19:56  |
Tass Burrfoot
Messages: 19
Registered: April 2015 |
Junior Member |
|
|
Hi Thanks for the reply. After debugging on jetty I found the reason but cannot find a way to fix it.
When session is timed out, the old RAP connection (with cid=7ab533a6) took the session id from cookie (I guess otherwise it is considered as invalid?) and then it create a new session. The new session gets 302 response from the server and consequently gets the login page. At this time the old RAP connection generates the errors on the same login page. The page can be logged in with a new RAP connection generated (with a different cid). The following is the server log after session timed out:
15:22:43.939 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG org.eclipse.jetty.server.Server - REQUEST /test-app on AsyncHttpConnection@f5c3d00,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=10,c=84},r=7
15:22:43.939 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG o.e.j.server.handler.ContextHandler - scope null||/test-app @ o.e.j.s.ServletContextHandler{/,null}
15:22:43.939 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG o.e.j.server.handler.ContextHandler - context=||/test-app @ o.e.j.s.ServletContextHandler{/,null}
15:22:43.939 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG org.eclipse.jetty.server.session - Got Session ID 1moto3lt924qfij7blawzcm66 from cookie
15:22:43.939 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG org.eclipse.jetty.server.session - Got Session ID ywshg1799ung19d97uoh64cp3 from cookie
15:22:43.939 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG org.eclipse.jetty.server.session - sessionManager=org.eclipse.jetty.server.session.HashSessionManager@2be1d440
15:22:43.939 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG org.eclipse.jetty.server.session - session=null
15:22:43.940 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG o.e.jetty.servlet.ServletHandler - servlet ||/test-app -> org.eclipse.equinox.http.jetty.internal.HttpServerManager$InternalHttpServiceServlet-62908fed
15:22:43.940 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG org.eclipse.jetty.server.session - new session & id pksoefmyoaor1ogw9sdwmojot pksoefmyoaor1ogw9sdwmojot
Session created: org.eclipse.jetty.server.session.HashedSession:pksoefmyoaor1ogw9sdwmojot@1907031397
15:22:43.941 [qtp1629156150-48 - /test-app?cid=7ab533a6] DEBUG org.eclipse.jetty.server.Server - RESPONSE /test-app 302 handled=true
For each UISession in the project, there is a server push session. If I remove the server push session from the UISession, the web page is left unchanged (no login page displayed) when session is timed out. But if I click any part on the web page, I would get the same error as I described above.
This really confused me. I didn't configure anything for session time out in the project. Why the old RAP connection created a new session itself? Thanks
[Updated on: Mon, 08 August 2016 20:01] Report message to a moderator |
|
|
| Re: javascript (rap-client) error on login page after session time out [message #1740585 is a reply to message #1740066] |
Mon, 15 August 2016 21:48 |
Tass Burrfoot
Messages: 19
Registered: April 2015 |
Junior Member |
|
|
Finally I get it working. Here is what happened: when session is timed out, jetty will use the existing connection parameter (with the old cid value) to create a new session. When jetty requests the url (with the old cid value), an xmlhttprequest is created by RAP Connection object, and then jetty handles this request by redirecting (302 response) to the login page. But the xmlhttprequest itself does not redirect, which means it is expecting the response as a json format message. Therefore the returning plain text content of the login page is considered as an invalid response by the RAP Request object, and it prints the error message on the login page.
To handle this, the login servlet needs to differentiate normal http request from RAP's xmlhttprequest. I use content-type to do this. And for the xmlhttprequest, the http response has to be in json format as pointed out by Ivan Furnadjiev
{head: {redirect: <redirect url here>}, operations: []}
[Updated on: Mon, 15 August 2016 21:49] Report message to a moderator |
|
|
Powered by
FUDForum. Page generated in 0.03505 seconds
] 
Search
Help
Register
Login
Home
