Skip to content

Grails session expiry message using spring security

April 17, 2013

 

Add session expiry parameter’s to logout page – which can be interpreted to show session expired message to user.


securityContextRepository(HttpSessionSecurityContextRepository){}

sessionManagementFilter( SessionManagementFilter, ref("securityContextRepository")){
invalidSessionUrl="/loginPage?parameter=sessionExpired"
}

And in your bootstrap.groovy file add registration of this filter:


def init = { servletContext ->
SpringSecurityUtils.clientRegisterFilter('sessionManagementFilter', SecurityFilterPosition.SESSION_MANAGEMENT_FILTER)

}

 

 

The only issue is that if you want to have a separate message – when the user clicks logout – then this filter needs to be changed. And you need to put some conditions inside it.  SessionManagementFilter is not really extendible – if you see its source code all its field are made either private or final so you need to clone parts of it and put in your own paths to redirect in your custom filter. Also for custom filter – its definition needs to be checked if it should be through web.xml rather than spring security utils class.

 

Advertisements
One Comment leave one →
  1. Robert permalink
    August 22, 2013 9:37 pm

    Thank you. This is what I needed: ‘Custom message on login page after session expiration’.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: