"Final" updates on improved session management

3 months ago · b9d6aea3ea
parent 95ceb82eed
commit b9d6aea3ea
4 changed files with 23 additions and 8 deletions
--- a/README.md
+++ b/README.md
@ -95,4 +95,16 @@ displayed. To minimize this, better timeout mechanisms have been
 installed and the recipe browser keeps last-search and search-type
 values in long-lived cookies on the client. The server will read
 and cache them, but if the server times out, it will automatically
-re-read the cookies on the next request.
+re-read the cookies on the next request.
+
+When editing, the AJAX controls tended to get confused when a
+session timed out. New changes give a "save work" warning 5 minutes
+before timeout, and force a timeout from JavaScript that
+exits the unattended page before the user can run afoul of the
+lost session.
+
+Note that by default, JSF caches ViewState in a session so every
+JSF View can cause a session to be created, not just Views that
+reference View- or SessionScoped backing beans. This is alterable
+by setting an option in the faces-config.
+force 
--- a/application.properties
+++ b/application.properties
@ -24,3 +24,6 @@ gourmet.password.file=${user.home}/.gourmetpw

 # This will override aplication.yml
 #server.servlet.context-parameters.primefaces.THEME=le-frog
+
+### HttpSession timeout (note effects on detailEdit idleMonitors)
+server.servlet.session.timeout=35m
--- a/src/main/java/com/mousetech/gourmetj/CookieBean.java
+++ b/src/main/java/com/mousetech/gourmetj/CookieBean.java
@ -22,6 +22,7 @@ import jakarta.inject.Named;

 /**
 * Request caching object for cookie data persistence.
+ * Does double-duty serving View Session timeouts.
 * 
 * @author timh
 * @since Jan 31, 2024
@ -125,13 +126,16 @@ public class CookieBean {
 		cookieMap.put(KEY_DISPLAY_ROWS, String.valueOf(value));
 	}
 	
+	/**
+	 * IdleMonitor backing methods (session/View timeout)
+	 */
 	public void sessionIdleListener() {
-		log.warn("Session Idle Listener fired.");
+		log.info("Session Idle Listener fired.");
 		JSFUtils.addWarningMessage("Timeout approaching. Save your work!");
 	}

 	public void sessionTimeout() {
-		log.warn("Session Timeout Listener fired.");
+		log.info("Session Timeout Listener fired.");
 		JSFUtils.logout();
 	}

--- a/src/main/resources/META-INF/resources/detailEdit.xhtml
+++ b/src/main/resources/META-INF/resources/detailEdit.xhtml
@ -391,11 +391,7 @@
                            </p:panel>
                        </p:tab>
                    </p:tabView>
-                    <p:commandButton id="doSave" value="Save"
-                        icon="ui-icon-pencil" ajax="false"
-                        disabled="{not recipeDetailBean.dirty}"
-                        action="#{recipeDetailBean.doSave}"
-                    />
+                    <p:commandButton id="doSave" value="Save" icon="ui-icon-pencil" ajax="false" disabled="{not recipeDetailBean.dirty}" action="#{recipeDetailBean.doSave}" />
                    <p:commandButton id="doCancel" value="Cancel"
                        ajax="false" immediate="true"
                        action="recipeDetails.jsf"