Requirements
uMobile performs manual session timeout tracking to ensure that an active session is always available. This logic is designed to prevent the following scenario:
- User opens the uMobile app, establishing an authenticated session
- uMobile app renders a set of icons based on that user's authenticated layout
- User doesn't leave the app, but sets the phone down for some period of time longer than the uMobile server's default timeout
- User picks the phone back up and attempts to interact with one of the modules
- Because the user no longer has an authenticated session, uPortal automatically initializes a new guest session
- Module returns a permissions (or missing content) error because the module isn't in the guest layout, or displays a different (non-customized) data set for the module
To prevent the above, the uMobile's native app tracks the last-accessed time of the session on each request that would touch the server session (establishing the session, interacting with a portlet, etc.). Each time the app attempts to access a remote portal resource, the native app first checks the last-accessed timestamp. If the last access was long enough ago that the session is likely expired, the app establishes a new session before executing the request.
Session Tracking Plugin
To support uMobile's session management requirements, the project has developed a custom SessionTracking plugin using the PhoneGap plugin API. This plugin provides two methods:
- get: returns the last-accessed timestamp for the current session
- set: sets the last-accessed timestamp for the current session to the system's current time, then returns that value
Implementation