1

I need to leave the application after some time of inactivity.

I tried using session.invalidate(); but it is not working as I am using basic authentication and I redirected to a JSP page where it asks for login again.
But it is not asking any login credentials while users directly logging in into the application. The only way to logout with basic authentication is to close the Webbrowser.
I need an API such that after inactivty, say 10 mins, it should redirect to one JSP page without closing the browser. E.g. like banking sites which display "session expired, please login again".

Improve this question
1

1 Answer 1

Reset to default
0

Make use of meta refresh header in combination with HttpSession#getMaxInactiveInterval(). It returns the remaining lifetime of the HttpSession in seconds and that's exactly what you need in a meta refresh header.

<meta http-equiv="refresh" content="${pageContext.session.maxInactiveInterval};url=expired.jsp">

Include this header in your HTML <head>. If the session timeout has been reached, then the browser will automatically redirect the page to the specified url, which is expired.jsp in above example.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.