Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle session timeout gracefully #6

Open
dellermann opened this issue Nov 23, 2013 · 1 comment
Open

Handle session timeout gracefully #6

dellermann opened this issue Nov 23, 2013 · 1 comment
Labels
enhancement
Milestone
2.0

Comments

@dellermann
Copy link
Owner

If the session expires and the user is currently working on a form the user looses all his input because he is redirected to the login page.

If the session expires we should temporarily store all submitted data, redirect the user to the login page, and after perform the former operation (e. g. storing the form data) again.

Related to Bugzilla bug 208.
@dellermann dellermann modified the milestones: 2.0, 1.6 Dec 27, 2015
@dellermann
Copy link
Owner Author

We have the following options:

  • set session timeout in web.xml
  • regularly send a request to the server

See the discussion for more information.

IMHO, we should choose option 2 and make it configurable in order to prevent security issues. And because SpringCRM usually works on intranet we should increase session timeout in web.xml to something as 30 minutes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
2.0
Development

No branches or pull requests
1 participant
@dellermann