You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Kelly Merrell <km...@crye-leike.com> on 2008/03/26 15:52:07 UTC
[T4] PageRedirectException in pageValidate after AjaxDirectLink
I'm having a problem with my authentication redirect when using Ajax to
update page components. I use PageRedirectException on each page to
redirect to a login page if the user is not logged in when the page
validates. This works as expected when hitting the page normally, but if
I am using an AjaxDirectLink after the login has expired, the response
is returned as the HTML of the login page and not "handled" by
AjaxDirectService so that it is wrapped in the xml tags and have the
"window.location.href" javascript redirect added. As the response is not
xml, it breaks on the client side and the page does not redirect.
I have seen a few other people bring up this issue, but I can't find any
evidence of a solution or work around. I would have thought that this
would be a common problem, but maybe I am just overlooking a simple fix.
Any help here would be greatly appreciated!
My pageValidate method is simply:
public void pageValidate(PageEvent event) {
if (!isLoggedIn()) {
Login loginPage = getRedirectPage();
throw new PageRedirectException(loginPage);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [T4] PageRedirectException in pageValidate after AjaxDirectLink
Posted by Andreas Andreou <an...@gmail.com>.
Tapestry 4.0.x with tacos probably doesn't add the request header...
just the parameter. So, what you're seeing is consistent, and if
you want to plan ahead, check for the existence of either of those
On Thu, Mar 27, 2008 at 11:32 PM, Kelly Merrell <km...@crye-leike.com> wrote:
> Thanks for the example Steve. My only issue is that I don't seem to be
> getting a "dojo-ajax-request" header in the request. There is a
> "dojoRequest" parameter, which seems like I can use it for the same
> purpose. Are you using a version of Tapestry greater than 4.02?
>
> I'm going to try to adopt your method, but without moving my
> authentication code into the servlet filter.
>
> Thanks again!
>
>
>
> Steve Shucker wrote:
> > I already had a servlet filter doing some custom authentication and
> > handling redirects to a separate login service for expired sessions,
> > so I added a little extra code in there. First off, you can identify
> > ajax requests by the presence of an HttpServletRequest header called
> > "dojo-ajax-request" with a value of "true". If I see that header, I
> > write my own custom response instead of going down the filter chain.
> > Here's the method I use to build the response:
> >
> > private void sendAjaxRedirect(HttpServletResponse httpResponse)
> > throws IOException {
> > PrintWriter writer = httpResponse.getWriter();
> > writer.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
> > writer.write("<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0
> > Transitional//EN\"
> > \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\"
> > [\n<!ENTITY nbsp ' '>\n]>\n");
> > writer.write("<ajax-response>");
> > writer.write("<response id=\"initializationscript\"
> > type=\"script\"><script>\n//<![CDATA[\n");
> > writer.write("window.location.href = '" +
> > params.getOriginalUrl() + "';\n");
> > writer.write("//]]>\n</script></response>");
> > writer.write("</ajax-response>");
> > }
> >
> > replace "params.getOriginalUrl()" with the entry URL for your app.
> >
> > This code generates a response that the tapestry/dojo wiring will
> > interpret by parsing the window.location.href javascript.
> >
> > -Steve
> >
> > Kelly Merrell wrote:
> >> I'm having a problem with my authentication redirect when using Ajax
> >> to update page components. I use PageRedirectException on each page
> >> to redirect to a login page if the user is not logged in when the
> >> page validates. This works as expected when hitting the page
> >> normally, but if I am using an AjaxDirectLink after the login has
> >> expired, the response is returned as the HTML of the login page and
> >> not "handled" by AjaxDirectService so that it is wrapped in the xml
> >> tags and have the "window.location.href" javascript redirect added.
> >> As the response is not xml, it breaks on the client side and the page
> >> does not redirect.
> >>
> >> I have seen a few other people bring up this issue, but I can't find
> >> any evidence of a solution or work around. I would have thought that
> >> this would be a common problem, but maybe I am just overlooking a
> >> simple fix. Any help here would be greatly appreciated!
> >>
> >> My pageValidate method is simply:
> >>
> >> public void pageValidate(PageEvent event) {
> >> if (!isLoggedIn()) {
> >> Login loginPage = getRedirectPage();
> >> throw new PageRedirectException(loginPage);
> >> }
> >> }
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Andreas Andreou - andyhot@apache.org - http://blog.andyhot.gr
Tapestry / Tacos developer
Open Source / JEE Consulting
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [T4] PageRedirectException in pageValidate after AjaxDirectLink
Posted by Steve Shucker <ss...@vmsinfo.com>.
I'm using 4.1.5 and I think I wrote that code against 4.1.3. I agree
that you shouldn't move your auth code into a filter - I only mentioned
that to explain why I wasn't handing you the whole filter code. You may
have to tweak the generated code a bit for 4.0.2. I just used firebug
to grab a dojo response and looked for some JS that I knew was
executing. Once you know to look for a custom header, the rest is easy.
-Steve
Kelly Merrell wrote:
> Thanks for the example Steve. My only issue is that I don't seem to be
> getting a "dojo-ajax-request" header in the request. There is a
> "dojoRequest" parameter, which seems like I can use it for the same
> purpose. Are you using a version of Tapestry greater than 4.02?
>
> I'm going to try to adopt your method, but without moving my
> authentication code into the servlet filter.
>
> Thanks again!
>
> Steve Shucker wrote:
>> I already had a servlet filter doing some custom authentication and
>> handling redirects to a separate login service for expired sessions,
>> so I added a little extra code in there. First off, you can identify
>> ajax requests by the presence of an HttpServletRequest header called
>> "dojo-ajax-request" with a value of "true". If I see that header, I
>> write my own custom response instead of going down the filter chain.
>> Here's the method I use to build the response:
>>
>> private void sendAjaxRedirect(HttpServletResponse httpResponse)
>> throws IOException {
>> PrintWriter writer = httpResponse.getWriter();
>> writer.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
>> writer.write("<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0
>> Transitional//EN\"
>> \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\"
>> [\n<!ENTITY nbsp ' '>\n]>\n");
>> writer.write("<ajax-response>");
>> writer.write("<response id=\"initializationscript\"
>> type=\"script\"><script>\n//<![CDATA[\n");
>> writer.write("window.location.href = '" +
>> params.getOriginalUrl() + "';\n");
>> writer.write("//]]>\n</script></response>");
>> writer.write("</ajax-response>");
>> }
>>
>> replace "params.getOriginalUrl()" with the entry URL for your app.
>>
>> This code generates a response that the tapestry/dojo wiring will
>> interpret by parsing the window.location.href javascript.
>>
>> -Steve
>>
>> Kelly Merrell wrote:
>>> I'm having a problem with my authentication redirect when using Ajax
>>> to update page components. I use PageRedirectException on each page
>>> to redirect to a login page if the user is not logged in when the
>>> page validates. This works as expected when hitting the page
>>> normally, but if I am using an AjaxDirectLink after the login has
>>> expired, the response is returned as the HTML of the login page and
>>> not "handled" by AjaxDirectService so that it is wrapped in the xml
>>> tags and have the "window.location.href" javascript redirect added.
>>> As the response is not xml, it breaks on the client side and the
>>> page does not redirect.
>>>
>>> I have seen a few other people bring up this issue, but I can't find
>>> any evidence of a solution or work around. I would have thought that
>>> this would be a common problem, but maybe I am just overlooking a
>>> simple fix. Any help here would be greatly appreciated!
>>>
>>> My pageValidate method is simply:
>>>
>>> public void pageValidate(PageEvent event) {
>>> if (!isLoggedIn()) {
>>> Login loginPage = getRedirectPage();
>>> throw new PageRedirectException(loginPage);
>>> }
>>> }
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [T4] PageRedirectException in pageValidate after AjaxDirectLink
Posted by Kelly Merrell <km...@crye-leike.com>.
Thanks for the example Steve. My only issue is that I don't seem to be
getting a "dojo-ajax-request" header in the request. There is a
"dojoRequest" parameter, which seems like I can use it for the same
purpose. Are you using a version of Tapestry greater than 4.02?
I'm going to try to adopt your method, but without moving my
authentication code into the servlet filter.
Thanks again!
Steve Shucker wrote:
> I already had a servlet filter doing some custom authentication and
> handling redirects to a separate login service for expired sessions,
> so I added a little extra code in there. First off, you can identify
> ajax requests by the presence of an HttpServletRequest header called
> "dojo-ajax-request" with a value of "true". If I see that header, I
> write my own custom response instead of going down the filter chain.
> Here's the method I use to build the response:
>
> private void sendAjaxRedirect(HttpServletResponse httpResponse)
> throws IOException {
> PrintWriter writer = httpResponse.getWriter();
> writer.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
> writer.write("<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0
> Transitional//EN\"
> \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\"
> [\n<!ENTITY nbsp ' '>\n]>\n");
> writer.write("<ajax-response>");
> writer.write("<response id=\"initializationscript\"
> type=\"script\"><script>\n//<![CDATA[\n");
> writer.write("window.location.href = '" +
> params.getOriginalUrl() + "';\n");
> writer.write("//]]>\n</script></response>");
> writer.write("</ajax-response>");
> }
>
> replace "params.getOriginalUrl()" with the entry URL for your app.
>
> This code generates a response that the tapestry/dojo wiring will
> interpret by parsing the window.location.href javascript.
>
> -Steve
>
> Kelly Merrell wrote:
>> I'm having a problem with my authentication redirect when using Ajax
>> to update page components. I use PageRedirectException on each page
>> to redirect to a login page if the user is not logged in when the
>> page validates. This works as expected when hitting the page
>> normally, but if I am using an AjaxDirectLink after the login has
>> expired, the response is returned as the HTML of the login page and
>> not "handled" by AjaxDirectService so that it is wrapped in the xml
>> tags and have the "window.location.href" javascript redirect added.
>> As the response is not xml, it breaks on the client side and the page
>> does not redirect.
>>
>> I have seen a few other people bring up this issue, but I can't find
>> any evidence of a solution or work around. I would have thought that
>> this would be a common problem, but maybe I am just overlooking a
>> simple fix. Any help here would be greatly appreciated!
>>
>> My pageValidate method is simply:
>>
>> public void pageValidate(PageEvent event) {
>> if (!isLoggedIn()) {
>> Login loginPage = getRedirectPage();
>> throw new PageRedirectException(loginPage);
>> }
>> }
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [T4] PageRedirectException in pageValidate after AjaxDirectLink
Posted by Steve Shucker <ss...@vmsinfo.com>.
I already had a servlet filter doing some custom authentication and
handling redirects to a separate login service for expired sessions, so
I added a little extra code in there. First off, you can identify ajax
requests by the presence of an HttpServletRequest header called
"dojo-ajax-request" with a value of "true". If I see that header, I
write my own custom response instead of going down the filter chain.
Here's the method I use to build the response:
private void sendAjaxRedirect(HttpServletResponse httpResponse)
throws IOException {
PrintWriter writer = httpResponse.getWriter();
writer.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
writer.write("<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0
Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\" [\n<!ENTITY
nbsp ' '>\n]>\n");
writer.write("<ajax-response>");
writer.write("<response id=\"initializationscript\"
type=\"script\"><script>\n//<![CDATA[\n");
writer.write("window.location.href = '" +
params.getOriginalUrl() + "';\n");
writer.write("//]]>\n</script></response>");
writer.write("</ajax-response>");
}
replace "params.getOriginalUrl()" with the entry URL for your app.
This code generates a response that the tapestry/dojo wiring will
interpret by parsing the window.location.href javascript.
-Steve
Kelly Merrell wrote:
> I'm having a problem with my authentication redirect when using Ajax
> to update page components. I use PageRedirectException on each page to
> redirect to a login page if the user is not logged in when the page
> validates. This works as expected when hitting the page normally, but
> if I am using an AjaxDirectLink after the login has expired, the
> response is returned as the HTML of the login page and not "handled"
> by AjaxDirectService so that it is wrapped in the xml tags and have
> the "window.location.href" javascript redirect added. As the response
> is not xml, it breaks on the client side and the page does not redirect.
>
> I have seen a few other people bring up this issue, but I can't find
> any evidence of a solution or work around. I would have thought that
> this would be a common problem, but maybe I am just overlooking a
> simple fix. Any help here would be greatly appreciated!
>
> My pageValidate method is simply:
>
> public void pageValidate(PageEvent event) {
> if (!isLoggedIn()) {
> Login loginPage = getRedirectPage();
> throw new PageRedirectException(loginPage);
> }
> }
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org