I am currently migrating our code base from Vaadin 6 to 7.1.7, and I am seeing strange behavior during session timeouts. Essentially, I am doing the following:
- Have a class which implements HpptSessionListener, and in the sessionDestroyed() method, doing some cleanup.
- Have a class which extends VaadinServlet. In the servletInitialized() method, I create a new SystemMessagesProvider in order to invoke setSessionExpiredURL().
- Have a class which extends UI, and overrides the close() method to do some cleanup.
The app is running under JBoss 7.1.3, and I have my timeout value set to 1 minute for testing purposes.
MOST of the time, when the session expires, the behavior is as desired: sessionDestroyed() and close() get invoked, and my page redirects automatically to the URL I have specified. If I click on the “Click here to log back in” link on that page, it does indeed take me to my login page.
HOWEVER, some of the time, the page redirect occurs, but sessionDestroyed() and close() are NOT invoked. If I click on the “Click here to log back in” link on my page, it takes me back to the page within the app which I was working on prior to the timeout, with all data intact. The login page is completely bypassed.
I don’t see any obvious pattern to what leads to this invalid behavior, other than accessing more pages in the app prior to the timeout seems to make the problem occur more frequently than if I only access a few pages prior to the timeout.
Has anyone ever seen this behavior, or have any idea as to what could be the cause? I could not replicate this in our older version of the app using Vaadin 6.
Regards,
Ron