A quite interesting bit of work I am doing at the moment is building an AngularJS app running on an IBM ISeries, this has presented a whole series of odd little challenges but the one that bit us hard by corporate standards was logout and session expiring, The system and its sessions are on an Apache box sitting on an ISeries, it has turned out that not only was the Apache logout URL not present but that the Apache session expiry did not take effect but even if it had, it would have screwed up the Internal application that most people use to have an Iseries Session via a browser..
So what to do….
- As this is for an AngularJs app, no jquery or such
- I did not want this solution to actually be built into the angularjs app, as in a perfect world the underling issues will be fixed and I want it easily ripped out, also I don’t want the code mentioned in each controller etc etc.
- The server that the app is running on has no facility to handle log off and does not have session based authentication (or even a login page)
Basic authentication does not really handle log off very well. For everything but Internet explorer you basically have to perform a fake login.
Followed by a very iffy 30 min log off timer, that surprising works rather well
|↑1||but even if it had, it would have screwed up the Internal application that most people use to have an Iseries Session via a browser.|