Change session expired error message

asked 2021-01-24 00:14:24 +0800

Jtt gravatar image Jtt
107 4

updated 2021-01-26 01:41:01 +0800

Hi! I've implemented few security constraints with Spring-security in our project. This is working as intended but when a session replaces another one (I mean, one user logs in with X credentials while other is in the same account with the same credentials) an alert-type of message is displayed. After checking in the console, the actual error is due my security implementation.

image description

What I would like to do is to edit the message displayed in the client, as our users are far from being 'techy' and I can imagine them being scared for "Being yelled at 'JSON'". This scenario actually shouldn't happen but better be safe.

So, do I have access to this popup? It seems that is Javascript generated, as it uses ZKs style (Sliding down from the top of the screen).

Have a nice day!


By "Javascript genereted" I meant that this element is generated on event, not that is a Javascript alert. It has 'z-error' class.

EDIT 2: Added image of this message.

delete flag offensive retag edit


I increased your karma so you can upload images

cor3000 ( 2021-01-25 17:06:37 +0800 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2021-01-25 17:05:22 +0800

cor3000 gravatar image cor3000
6280 2 7

Yes these kind of client side errors occur when a security filter redirects (HTTP 302) after every failure. However redirecting a request that expects JSON as a response to a Login page that returns HTML doesn't make sense even technically. So changing the error message would be last 'hack' in case there's no other way to deal with this situation in a better way. For Ajax requests 401 error (instead of a 302) would be more correct + it can be properly handled at client side.

This is quite a lengthy topic so here the recordings of the recent public training sessions on this topic - with detailed explanations/alternatives and workarounds in case there's no other option.

Handling (SSO) redirects and ZK + Spring Security

link publish delete flag offensive edit


Thank you! I edited my post with the message. I'll try to check on the resources you added later as I'll be quite busy this week, and fortunately this is not a priority.

Jtt ( 2021-01-26 01:44:44 +0800 )edit
Your answer
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

1 follower



Asked: 2021-01-24 00:14:24 +0800

Seen: 6 times

Last updated: Jan 26 '21

Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More