logout with basic authentication without closing webbrowser like banking sites will display

I need to leave the application after some time of inactivity.

I tried using session.invalidate(); but it is not working as I am using basic authentication and I redirected to a JSP page where it asks for login again.

But it is not asking any login credentials while users directly logging in into the application. The on开发者_如何转开发ly way to logout with basic authentication is to close the Webbrowser.

I need an API such that after inactivty, say 10 mins, it should redirect to one JSP page without closing the browser. E.g. like banking sites which display "session expired, please login again".

Make use of meta refresh header in combination with HttpSession#getMaxInactiveInterval(). It returns the remaining lifetime of the HttpSession in seconds and that's exactly what you need in a meta refresh header.

<meta http-equiv="refresh" content="${pageContext.session.maxInactiveInterval};url=expired.jsp">

Include this header in your HTML <head>. If the session timeout has been reached, then the browser will automatically redirect the page to the specified url, which is expired.jsp in above example.