Project

General

Profile

Actions
Copy link

Feature #251

closed
JA JA

handle http session expiry

Feature #251: handle http session expiry

Added by Josip Almasi 10 months ago. Updated 8 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Josip Almasi
Start date:
06/24/2025
Due date:
% Done:

0%

Estimated time:

Description

Expired sessions are destroyed, currently this is caught only in SeleniumConfig.sessionDestroyed (HttpSessionListener).
(and subsequent http requests that require authorization are forbidden)
But the websocket remains open.
Server could (should?) close it with the appropriate code.
Websocket session keeps HttpSession in HTTP.SESSION attribute, SessionManager tracks all sessions and clients, Client contains websocket session.

JA Updated by Josip Almasi 9 months ago Actions
Copy link
 #1

  • Status changed from New to In Progress
  • Assignee set to Josip Almasi

JA Updated by Josip Almasi 9 months ago Actions
Copy link
 #2

Spring closes websockets of authenticated sessions automatically, with
code=1008, reason=This connection was established under an authenticated HTTP session that has ended.
But the client needs to re-authenticate to reconnect.

JA Updated by Josip Almasi 9 months ago Actions
Copy link
 #3

  • Status changed from In Progress to Resolved

Closing websockets when anonymous http session expires.

JA Updated by Josip Almasi 8 months ago Actions
Copy link
 #4

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: PDF Atom