How to force user to "homescreen" when restarting session. (OnSessionStart?)

How to force user to "homescreen" when restarting session. (OnSessionStart?)

  

Hello fellow developers, i have a small question:

The case:

During a user flow a user chooses some settings. We store those in a session variable.

When a user is inactive for more than 20 minutes and reloads the page he will be guided to the login process. Since we have Integrated Authentication this is will be done automatically and the page will be loaded again.

In this situation the values from the session variables are gone and the page displays incorrect information. 

One of the solutions could be to check if the session variables are filled in on preparation of every page in that module. But that's a lot of reuse of code and i would like to have a better maintainable solution.

My idea is to guide to user to the homepage of the module when it's a session start (of that module). So we are sure that he will follow the flow again and select the proper values.

Offcourse it's possible that he can use the back button of the browser again to go to the previous screen when he loaded the EntryURL page but we will verify the sesion variables on critical screens or actions (CRUD).

Has anyone got an idea?

Thanks, Peter

Hi Peter,

First, relying on Session Variables to display data on the screen is a pretty dangerous practice. You should ideally limit the use to filter values etc.

That said, I'm not sure how the integrated authentication works in terms of where the code resides that checks whether the user is logged in and if not authenticates the user. Presumably that's also where the redirect is done - the redirect you'd want to avoid.

Kilian Hekhuis wrote:

Hi Peter,

First, relying on Session Variables to display data on the screen is a pretty dangerous practice. You should ideally limit the use to filter values etc.

That said, I'm not sure how the integrated authentication works in terms of where the code resides that checks whether the user is logged in and if not authenticates the user. Presumably that's also where the redirect is done - the redirect you'd want to avoid.

We store for example in the session what location he is in. What suggestion do you have to store this date and use in a lot of screens?

The authentication is on library level. I don't want to configure logic that's needed in the End User layer.


Why don't you just redirect, after login is done correctly, to homescreen on login action instead of letting it go to refferURL?


Abílio Matos

I've seen a solution that probably works:

HTTPRequestHandler.addHeader (Name: "Location" / Value: "URL"
HTTPRequestHandler.SetStatusCode (StatusCode: 303).

That will trigger the browser to redirect to go to a different URL. You can do this action from a server action so can be applied on different scenarios. I am going to test if this works in my case, but it seems so.