Topic
  • 3 replies
  • Latest Post - ‏2012-12-13T16:00:32Z by SystemAdmin
SystemAdmin
SystemAdmin
2327 Posts

Pinned topic Restrict user access based on session timeout

‏2012-12-04T12:42:51Z |
Hi,

Consider a scenario there is app with Login page, Home page and second Page.

The user has logged into the app and home page is available for him.

Lets say, serverSessionTimeout=1 i.e 60 seconds. User is not using the app for more than 2 minutes.

Now the user tries to access the second page from Home page and i want to block this navigation since the session needs to be maintained for 60 seconds.

Whether this can be done with WL.Client.isUserAuthenticated.

Thanks.
  • ShmulikB
    ShmulikB
    20 Posts

    Re: Restrict user access based on session timeout

    ‏2012-12-09T12:14:39Z  
    Hi
    First, IBM Worklight is a single-page-application (SPA)
    so you should not use more than 1 HTML file.
    For more information refer to training module 7.5 Multi page application basics
    (ftp://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v505/Module_07_5_-_Building_a_Multi_Page_Application.pdf)

    Second, there is no need to use WL.Client.isUserAuthenticated -
    Once the sessionTimeout expires the user will get a login screen.
  • SystemAdmin
    SystemAdmin
    2327 Posts

    Re: Restrict user access based on session timeout

    ‏2012-12-13T09:30:18Z  
    • ShmulikB
    • ‏2012-12-09T12:14:39Z
    Hi
    First, IBM Worklight is a single-page-application (SPA)
    so you should not use more than 1 HTML file.
    For more information refer to training module 7.5 Multi page application basics
    (ftp://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v505/Module_07_5_-_Building_a_Multi_Page_Application.pdf)

    Second, there is no need to use WL.Client.isUserAuthenticated -
    Once the sessionTimeout expires the user will get a login screen.
    Hi ShmulikB,

    I would like to make my question more clear.

    Login page, Home page and second Page are in the single HTML file with separate div.

    Once the user gets authenticated, user identity object will be created at server.

    If user tries to access second page from home page http://i.e mobile - client, how i can restrict the navigation that based on the session time out.
  • SystemAdmin
    SystemAdmin
    2327 Posts

    Re: Restrict user access based on session timeout

    ‏2012-12-13T16:00:32Z  
    Hi ShmulikB,

    I would like to make my question more clear.

    Login page, Home page and second Page are in the single HTML file with separate div.

    Once the user gets authenticated, user identity object will be created at server.

    If user tries to access second page from home page http://i.e mobile - client, how i can restrict the navigation that based on the session time out.
    If your web resource is protected (need authentication before use), security framework will take care of it and will guide it to login page in authentication model. In session expired case, it is same thing.

    Jerry