We have a java-GWT webapplication which is working based on the sessions to enable sso. We are using "onload" method in the form to do auto submitting the page from the servlet code. I have facing an issue in below scenarion -> Login to application and make it ideal for some time to make session time out. -> Now reload the browser tab and get the response as session time out.
Whenever we are reloading the page after session is timed out, we are sending the user to logout servet through the below path.
Window.Location.replace("http://ipaddr:port/SP/logout"); - We have configured web.xml to go to LogoutServlet.
According to above url it should go to LogoutServlet but it is behaving differently in different browsers.
-> In IE it is going to LogoutServlet as expected but in Firefox, Chrome it does not go, instead it is going to the other page (when we initially submit the form to get login page)
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><body onload="document.forms[0].submit()">
<form method="POST" action="http://IpAddr/shib_idp/expire/Logout">
<input type="hidden" name="userName" value="null"/>
<input type="hidden" name="sessionId" value="_98454538b32af07949401f0764666aee"/>
<input type="hidden" name="targetPage" value="http://IpAddr/Demo/"/>
<input type="hidden" name="loginGroupId" value="null"/>
<input type="hidden" name="locale" value="en"/>
<input type="hidden" name="logoutPage" value="logoutPage"/>
</form>
</body>
</html>
I do not know, why it is behaving differently in different browsers, When we logout from the app we use same above code, there it is working fine in all browsers, but in case of session time out the consistency has been lost. I think it is because of "onload=document.forms[0].submit()" May be it is loading the form which is already executed when the user logged-in instead of logged out. Please help me to resolve this iisue.
Aucun commentaire:
Enregistrer un commentaire