This discussion is archived
7 Replies Latest reply: Jun 18, 2012 10:38 PM by 665345 RSS

how does ADF build AdfPage.PAGE.__recordSessionTimeout

665345 Newbie
Currently Being Moderated
We built one application, and publish it in internet through Proxy server.

On every page ADF addes the javascript as below
AdfPage.PAGE.__recordSessionTimeout(1800000, 60000, "http://127.0.0.1:7101/app_context/page.jspx");

For this, when the idle time is out the page will be redirected to "http://127.0.0.1:7101/app_context/page.jspx", this link is impossible to access to internet user.

Is there any solution to remove the first part http://127.0.0.1:7101(Hostname:port) for this?

Any input is appreciated!!
  • 1. Re: how does ADF build AdfPage.PAGE.__recordSessionTimeout
    Frank Nimphius Employee ACE
    Currently Being Moderated
    Hi,

    From the documentation:

    +"A.2.3.19 Session Timeout Warning+

    +When a request is sent to the server, a session timeout value is written to the page and the session timeout warning interval is defined by the context parameter oracle.adf.view.rich.sessionHandling.WARNING_BEFORE_TIMEOUT. The user is given the opportunity to extend the session in a warning dialog, and a notification is sent when the session has expired and the page is refreshed. Depending on the application security configuration, the user may be redirected to the log in page when the session expires.+

    +Use the oracle.adf.view.rich.sessionHandling.WARNING_BEFORE_TIMEOUT context parameter to set the number of seconds prior to the session time out when a warning dialog is displayed. If the value of WARNING_BEFORE_TIMEOUT is less than 120 seconds, if client state saving is used for the page, or if the session has been invalidated, the feature is disabled. The session time-out value it taken directly from the session.+

    +Example A-3 shows configuration of the warning dialog to display at 120 seconds before the time-out of the session.+

    +Example A-3 Configuration of Session Time-out Warning+

    +<context-param>+
    +<param-name>oracle.adf.view.rich.sessionHandling.WARNING_BEFORE_+
    +TIMEOUT</param-name>+
    +<param-value>120</param-value>+
    +</context-param>+

    +The default value of this parameter is 120 seconds. To prevent notification of the user too frequently when the session time-out is set too short, the actual value of WARNING_BEFORE_TIMEOUT is determined dynamically, where the session time-out must be more than 2 minutes or the feature is disabled."+


    As there is no parameter to configure the URL for the link, I suggest to disable the feature:

    Use the oracle.adf.view.rich.sessionHandling.WARNING_BEFORE_TIMEOUT context parameter to set the number of seconds prior to the session time out when a warning dialog is displayed. If the value of WARNING_BEFORE_TIMEOUT is less than 120 seconds, if client state saving is used for the page, or if the session has been invalidated, the feature is disabled. The session time-out value it taken directly from the session

    Before I can file an ER, I need to know

    1. Which Version of JDeveloper
    2. Why is the server you run configured with local host IP address. I am not sure the proxy server understands how to map this at all. Did you try a server name or real IP address

    Frank

    Edited by: Frank Nimphius on May 31, 2012 10:19 AM
  • 2. Re: how does ADF build AdfPage.PAGE.__recordSessionTimeout
    665345 Newbie
    Currently Being Moderated
    Hi Frank,

    Thanks for your information!

    1) We use this version JDEVADF_11.1.2.0.0_GENERIC_110531.1615.6017 for development.
    2) What I posted is my testing program in my PC, for our testing environment the hostname is the real IP like 192.168.1.101.

    The real script is the following in our production:
    AdfPage.PAGE.__recordSessionTimeout(1800000, 60000, "http://192.168.1.101:80/App/faces/Login.jspx");

    I also checked the Oracle ADFDemo.
    In the demo application, the script is the following:
    AdfPage.PAGE.__recordSessionTimeout(2100000, 120000, "/ADFDemo-ADFDemo1112-context-root/faces/accessibility.jspx")
    This is what I want.

    Inside the script object AdfPage, this function __recordSessionTimeout will use window.location.replace to handle the newSessionURL.
    If the intranet IP address is the hostname for the newSessionURL, this action of window.location.replace will fail.

    I don't for sure what kind of context parameters will affect this.

    Thanks & Best Regards,
    Jason
  • 3. Re: how does ADF build AdfPage.PAGE.__recordSessionTimeout
    664308 Newbie
    Currently Being Moderated
    Hi Frank,

    When you get the answer, please reply in the some page.

    Thanks & Best Regards,
    Jason
  • 4. Re: how does ADF build AdfPage.PAGE.__recordSessionTimeout
    Frank Nimphius Employee ACE
    Currently Being Moderated
    Hi,

    did not get an answer yet

    Frank
  • 5. Re: how does ADF build AdfPage.PAGE.__recordSessionTimeout
    Frank Nimphius Employee ACE
    Currently Being Moderated
    Hi,

    apparently this has been filed as bugs 13922784 and 14033097 and is scheduled to be fixed in 12c. You can check if the hostname of yours appears in the JavaEE path (e.g. http://mycomp.com:7001/mycomp/...) if this is the case, the fix is to change the Java EE path

    Frank
  • 6. Re: how does ADF build AdfPage.PAGE.__recordSessionTimeout
    Frank Nimphius Employee ACE
    Currently Being Moderated
    ... btw.: What type of proxy server do you use ?

    There is a discussion initiated by this post about probably changing the way we do the redirect to better address issues like this. So knowing which proxy you are on would help for the test case

    Frank
  • 7. Re: how does ADF build AdfPage.PAGE.__recordSessionTimeout
    665345 Newbie
    Currently Being Moderated
    Hi Frank,

    The hostname is in the path, and it's the intranet ip of the server.
    We have some clients who access this application through intranet, for these users there is no problem for accessing the application if the JavaEE path including the hostname because the client side and server side are in the same network.
    Also we have some clients who access this application through internet by apache proxy which is in our DMZ, for these users if the intranet ip is in the JavaEE path there should be the problem.

    Thanks & Best Regards,
    Jason

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points