SessionTimeoutFilter (HCL Digital Experience Version 8.5.0.0 SPI Docs)

Overview

Package

Class

Tree

Serialized

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.portal.auth
Interface SessionTimeoutFilter

All Superinterfaces:: SecurityFilter

public interface SessionTimeoutFilter
extends SecurityFilter
extends SecurityFilter

This interface can be implemented to realize a custom element in the filter chain for the Portal session timeout. The onUserSessionTimeout(HttpSession, Map, SessionTimeoutFilterChain) method can then be used to add additional logic before or after calling the next filter chain element by invoking the same method on the SessionTimeoutFilterChain object passed in as the last argument. This method is called immediately after the session of a user has been destroyed either by an idle timeout or by an invalidation of the session (e.g. due to a mismatch of session and request user). It is not called when the user is logged out properly. The order of the session timeout filter elements is defined by the sessiontimeout.filterchain property in the Portal Authentication Service.

Each session timeout filter is instantiated as a singleton, so the implementor must make sure that the onUserSessionTimeout(HttpSession, Map, SessionTimeoutFilterChain) method is thread-safe. The SecurityFilter.init(SecurityFilterConfig) method is called once during Portal startup and gets the values of all properties of the Portal Authentication Service that start with filterchain.properties.<fully qualified classname of the implementing class> passed in with the SecurityFilterConfig object. The SecurityFilter.destroy() method is called once when Portal is shut down.

Since:: 6.1

Method Summary
`void`	`onUserSessionTimeout(javax.servlet.http.HttpSession session, java.util.Map sessionTimeoutContext, SessionTimeoutFilterChain chain)` Can be used to implement custom code for a session timeout.

Methods inherited from interface com.ibm.portal.security.SecurityFilter
`destroy, init`

Method Detail

onUserSessionTimeout

void onUserSessionTimeout(javax.servlet.http.HttpSession session,
                          java.util.Map sessionTimeoutContext,
                          SessionTimeoutFilterChain chain)
                          throws UserSessionTimeoutException

Can be used to implement custom code for a session timeout. The implementation should call the corresponding onUserSessionTimeout method on the next element in the chain by invoking the method on the last argument passed in.

Parameters:: session - The HTTP session that timed out.; sessionTimeoutContext - A Map that can be used to share information between the session timeout filter elements.; chain - The reference to the session timeout filter chain that has to be used to call the onUserSessionTimeout method of the next filter chain element.
Throws:: OnUserSessionTimeoutException - This generic exception is thrown for all kinds of exceptions that can occur during the session timeout handling.; UserSessionTimeoutException