Home > html, iframe, javascript, tech > Handling session timeouts in an application with HTML IFrames

Handling session timeouts in an application with HTML IFrames

In the application I am working on now, we load portions of the application as HTML documents into an IFrame. If the user does not act on the application for some time, the session times out and the user need to be redirected to the login page. We had set up this redirect using Acegi. But when the user performs an action on an IFrame after a period of inactivity, the login page would be shown in the IFrame. This is, of course, ugly and I have been looking for a workaround for this. Today I got this fixed, but I am unsure how proper this solution is.

We now have a page called redirectToLogin.html with:

<script type="text/javascript">
    top.location.href="login.jsp";
</script>

All this page does is redirect the browser to login.jsp page, but this prevents the login page being shown in the IFrame.

Kindly drop me a note if you know of a better solution.

Advertisements
Categories: html, iframe, javascript, tech
  1. John Manoah
    May 7, 2009 at 9:43 am

    Hi Bini – This one works when you use a html page to redirect. If its a server side redirect (which is in most of the cases) you might have to add a small script snippet to the Login page like this.

    window.onload = function(){
    if (top.location.href != self.location.href)
    top.location.href = ‘Login.cfm’;
    };

    Basically what this script does is to check if a parent window(top) is present or not. If yes, it sets the location to the topmost window in the frame. In simple words we are forcing the Login page to always open in the top most window.

    HTH!

  2. Narayanan
    June 28, 2010 at 4:11 am

    Hi Bini,

    In our application, we are using Iframe to show some event count. That Iframe will refresh for every 3 minutes. Session logout time in web.xml set as 10 minutes. If user is idel for more then 10 minutes, application is not going to session time out. Because of the Iframe. is there any way we can skip Iframe request ? so that if user is idel for 10 min, weblogic will force session time out ?

    Thanks in advance.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: