Spring security and angular javascript redirect to login page

Question

Hi I am facing a problem with spring security+Spring MVC+angular javascript.. When the session is invalid I want to request the (whole) page to get redirected to login page.

I tried <session-management invalid-session-url="/login" /> But its not working since its a one page app...

Or any suggestion to handle sessiontimeout in angular javascript single page app

Any help ?

Answer 1

You can write or use HTTP interceptors like this https://github.com/witoldsz/angular-http-auth to capture timeout issues.

Basically when session expires any server request starts to return 401, which can be capture by using HTTP interceptor and necessary redirects can be performed.

Answer 2

I made a simple code for checking session timeout and redirect to login page for spring security. It's not a smart solution, but returned status is 200 and response doesn't contain redirect information.

var app = angular.module("app");
app.factory("sessionInjector", ['$log', function($log){
    return {
        request: function(config) {return config;},
        response: function(response) {
            if (typeof response.data === "string" && response.data.indexOf("login") > -1) {
                alert("Session expired.");
                location.reload();
            }
            return response;
        }
    };
}]);
app.config(["$httpProvider", function($httpProvider){
    $httpProvider.interceptors.push("sessionInjector");
}]);