Find your content:

Search form

You are here

Determine from Apex whether a user's session is invalid


Can anyone think of a way, from within Apex, to tell if a User's session has expired / been invalidated?

Our app is very JS Remoting intensive, so it would be nice if we were able to detect, from within a @RemoteAction annotated method, whether a User's session has expired. Or does anyone know, will the Session Id, as returned from UserInfo.getSessionId(), be null if it has expired / been invalidated?

Attribution to: zachelrath

Possible Suggestion/Solution #1

I suspect your apex won't be run if there will be a timeout (meaning that for all practical purposes you can treat UserInfo.getSessionId() as never null).

Can you wrap your methods in client-side check?

var currentTime=new Date().getTime();
var sessionTimeLeft=secondsLeftValue-((currentTime-lastPageActivityTime)/1000);

It's based on stuff you can see when you view page source a bit under <form id="sessiontimeout"...

Alternatively maybe you can make a simple call to server from JS before calling actual remoteAction?

See sample calls in the AJAX toolkit. You'd have to query for something or perhaps retrieve something really small:

var result = sforce.connection.getServerTimestamp();

var user = sforce.connection.getUserInfo();
log("Hello " + user.userName);
log("Your email id is " + user.userEmail);
log("and you work for " + user.organizationName);

But I recall reading somewhere we shouldn't mix VF and the connection.js library...

Attribution to: eyescream

Possible Suggestion/Solution #2

You could write a custom web service to test whether the session is valid and then make a web service request to check this (if you wanted to use the token).

You would need to define a web service that would simply return true if the user could access it. Then expose this as a web service and generate the wsdl file for it before reimporting it to make the call.

Alternatively, look at something like the FinancialForce metadata wrapper - just attempt to login to that. If your session Id is valid you will be able to login otherwise you will not.

Attribution to: pbattisson
This content is remixed from stackoverflow or stackexchange. Please visit

My Block Status

My Block Content