Topic
3 replies Latest Post - ‏2012-12-13T16:00:32Z by SystemAdmin
SystemAdmin
SystemAdmin
2327 Posts
ACCEPTED ANSWER

Pinned topic Restrict user access based on session timeout

‏2012-12-04T12:42:51Z |
Hi,

Consider a scenario there is app with Login page, Home page and second Page.

The user has logged into the app and home page is available for him.

Lets say, serverSessionTimeout=1 i.e 60 seconds. User is not using the app for more than 2 minutes.

Now the user tries to access the second page from Home page and i want to block this navigation since the session needs to be maintained for 60 seconds.

Whether this can be done with WL.Client.isUserAuthenticated.

Thanks.
  • ShmulikB
    ShmulikB
    20 Posts
    ACCEPTED ANSWER

    Re: Restrict user access based on session timeout

    ‏2012-12-09T12:14:39Z  in response to SystemAdmin
    Hi
    First, IBM Worklight is a single-page-application (SPA)
    so you should not use more than 1 HTML file.
    For more information refer to training module 7.5 Multi page application basics
    (ftp://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v505/Module_07_5_-_Building_a_Multi_Page_Application.pdf)

    Second, there is no need to use WL.Client.isUserAuthenticated -
    Once the sessionTimeout expires the user will get a login screen.
    • SystemAdmin
      SystemAdmin
      2327 Posts
      ACCEPTED ANSWER

      Re: Restrict user access based on session timeout

      ‏2012-12-13T09:30:18Z  in response to ShmulikB
      Hi ShmulikB,

      I would like to make my question more clear.

      Login page, Home page and second Page are in the single HTML file with separate div.

      Once the user gets authenticated, user identity object will be created at server.

      If user tries to access second page from home page http://i.e mobile - client, how i can restrict the navigation that based on the session time out.
      • SystemAdmin
        SystemAdmin
        2327 Posts
        ACCEPTED ANSWER

        Re: Restrict user access based on session timeout

        ‏2012-12-13T16:00:32Z  in response to SystemAdmin
        If your web resource is protected (need authentication before use), security framework will take care of it and will guide it to login page in authentication model. In session expired case, it is same thing.

        Jerry