I have a java web application running on WebSphere 7. The application uses form authentication method and part of the application accesses some protected resources using ajax requests. However, when the user's session expires, I am getting the login page in place of the content that is supposed to be refreshed by the ajax request.
Is there a good way to handle this problem? WebSphere returns a response status 200 with the login page so I cannot rely on that.
Maybe there is a way to tell the server that basic authentication should be used in certain circumstances but I don't know how.
I also thought of checking first if the session is new by making a request to unprotected resources first then return a certain status but it looks like a code smell solution...