from mobile (sorry for typos ;)
On Thu, Nov 6, 2025, 22:08 Francesco Chicchiriccò <[email protected]> wrote: > One final question though: how can we understand if the logged user hit > the logout button, rather than the session timed out? > Since you are controlling the hit on logout button, you can tweak the original logic :) For ex. by not adding session id to your custom store > Regards. > > On 2025/11/05 15:50:16 Francesco Chicchiriccò wrote: > > It worked like a charm, thank you again. > > > > Regards. > > > > On 05/11/25 14:45, Francesco Chicchiriccò wrote: > > > Thank you very much Martin, I'll go ahead and follow your suggestions. > > > > > > Regards. > > > > > > On 05/11/25 14:38, Martin Grigorov wrote: > > >> Hi, > > >> > > >> It is a bit more involved. > > >> > > >> You have two use cases: > > >> - an active user became inactive and his/her session expired > > >> - a completely new user trying to reach a protected page, but (s)he > needs > > >> to authenticate first > > >> > > >> You want the feedback message only for the first case. > > >> Here is how you could do it: > > >> - register a HttpSessionListener (Servlet APIs) > > >> - when #sessionUnbound() is called you could store the expired > session id > > >> in some temporary storage, e.g. in > > >> MyApplication.get("my-app-name").getMyStore(), or in Redis if you > need it > > >> distributed > > >> - later when showing the LoginPage you could check whether your store > > >> contains the sessionId cookie from the current request > > >> -- here it is more tricky because Wicket by default uses > > >> REDIRECT_TO_RENDER, so you need to do that > > >> at AuthenticatedWebApplication#restartResponseAtSignInPage() - > override it, > > >> make the check and use RestartResponseAtInterceptPageException(Class<? > > >> extends Page> interceptPageClass, PageParameters parameters) with > some flag > > >> in the parameters that would be used by your LoginPage to decide > whether to > > >> show the feedback > > >> > > >> On Wed, Nov 5, 2025 at 3:18 PM Francesco Chicchiriccò < > [email protected]> > > >> wrote: > > >> > > >>> On 05/11/25 14:16, Timo Schmidt wrote: > > >>>> Hi, > > >>>> > > >>>> On Mi 05.11.2025 10:47, Francesco Chicchiriccò wrote: > > >>>>> I've been researching the web for this topic for a while now, > > >>>>> and I would like to get some confirmation (or hint, maybe) > > >>>>> from the community. > > >>>>> > > >>>>> I have an AuthenticatedWebApplication with custom login page; > > >>>>> once servlet session times out, any click will bring back the > > >>>>> login page. > > >>>>> > > >>>>> So far, so good. > > >>>>> > > >>>>> I would just like to add a message for the user like as > > >>>>> "sorry, your session has timed out. please log in again" on > > >>>>> the login page itself, on a blank page with a link to the > > >>>>> login page - whatever. > > >>>>> > > >>>>> Is there any recipe out there to obtain this? > > >>>> in your Application init() method: > > >>>> > > >>>> > > >>> > getApplicationSettings().setPageExpiredErrorPage(YourPageExpiredErrorPage.class); > > >>> > > >>> Tried already, not worked. > > >>> > > >>> This is for page expired, not session timeout. > > >>> > > >>> Regards. > > > > -- > > Francesco Chicchiriccò > > > > Tirasa - Open Source Excellence > > http://www.tirasa.net/ > > > > Member at The Apache Software Foundation > > Syncope, Cocoon, Olingo, CXF, OpenJPA > > https://about.me/ilgrosso > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
