I would like to throw a message when the session expires from Vaadin. This works normally without the JAAS (JavaTM Authentication and Authorization Service).
The JAAS takes control of the session, and expires it (ok, this is correct).
Then , Vaadin is not able to recognize the expired session, because the session is no more longer available.
Anyone has already done this with JAAS?
My principal question is: how to throw a message when session expires while Jaas is controlling the session.
This is one of the most irritating things about using JAAS; basically, there is no way for Vaadin to detect the session expiration. And since the response to a normal Vaadin call is suddenly invalid (the login page, served by JAAS), Vaadin throws a fit. Fortunately, there is a workaround for this.
If you add the text
Vaadin-Refresh: /myLogin
inside your login page (in a HTML comment for example), The Vaadin client side will automatically redirect the browser to the given url. This page can be a notification, the login page, or whatever. It is not a perfect solution, but currently it is the best one there is.
