Make the following entries in the web.xml in the <filter> tag
<filter>
<filter-name>SessionExpiryFilter</filter-name>
<filter-class> com.test.session. InvokeSessionExpiryFilter </filter-class>
<init-param>
<param-name>RedirectWhenSessionTimeout</param-name>
<param-value>login.jspx</param-value>
</init-param>
</filter>
Create a new java class – InvokeSessionExpiryFilter
package com.test.session;
import java.io.IOException;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class InvokeSessionExpiryFilter implements Filter {
private FilterConfig _filterConfig = null;
public void init(FilterConfig filterConfig) throws ServletException {
_filterConfig = filterConfig;
}
public void destroy() {
_filterConfig = null;
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException,
ServletException {
boolean bypass = true;
String URL = ((HttpServletRequest)request).getRequestURL().toString();
HttpServletRequest httpRequest = null;
HttpSession session = null;
try {
httpRequest = (HttpServletRequest)request;
session = httpRequest.getSession();
if (session.getAttribute(“loginName”) == null) {
session.invalidate();
bypass = false;
} else {
bypass = true;
}
}
} catch (NullPointerException e) {
// RESET THE BYPASS FLAG TO FALSE IF LOGIN NAME IS NULL
bypass = false ;
// e.printStackTrace();
}catch (Exception e) {
// RESET THE BYPASS FLAG TO FALSE IF LOGIN NAME IS NULL
// e.printStackTrace();
bypass = false ;
}