You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Baran <ba...@gmail.com> on 2009/04/16 11:41:58 UTC
Session Management
Hello All,
I have this common scenario of handling sessions. The scenario is:
1. To check session on the jsp side when ever a page is loaded. This is
fairly simple and can be done without much hassle.
2. Lets say the page is left unattended and the session expires but the user
is still on that authenticated page. Not the thing is how can I make sure
that any such request is not processed and is redirected to the login page.
I can check the session availability but how can I redirect the control to
login page.
One more thing, I am working on YUI + Ajax based application, so basically
all the action requests are via javascript.
Any help would be appreciated.
Baran
--
View this message in context: http://www.nabble.com/Session-Management-tp23074591p23074591.html
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Management
Posted by Baran <ba...@gmail.com>.
Hello Pawel,
well the intercepter can get a message that suggest us to have a login
before proceeding, I guess that can be done, I was trying this thing as I am
a newbie in Struts and I was exploring the possibilities. Thats the best I
can do :)
Thanks for ur help and suggestions.
Regards,
Baran
Paweł Wielgus wrote:
>
> Hi,
> yes it's the case,
> because if You are firing ajax request to server it doesn't really
> care if it's ajax or plain html request,
> so the responsibility to behave properly is on the page side.
> I don't know if your interceptor returning html code (page) is ok for You?
> Or maybe it should return something else to tell the page to reload all of
> it?
> Because as i think You would like to achieve such scenario:
> 1. user session is lost
> 2. user clicks on a link (ajax call)
> 3. interceptor catches the call and states that it's not allowed
> 4. page is getting some kind of info that this request is no more
> accessible and it should go to loginPage.jsp - total reload of the
> page
>
> I haven't been doing such things so i won't help You much with it more.
>
> Best greetings,
> Paweł Wielgus.
>
>
> 2009/4/16 Baran <ba...@gmail.com>:
>>
>> Hi,
>>
>> Okay, this is the response I get, I did used the same thing that you are
>> suggesting, Can it be an issue that I am using AJAX, as the html code of
>> the
>> login page is coming as a response of the http request I am making, do I
>> have to redirect it via my JSP page(using javascript)? As otherwise I
>> guess
>> the whole thing is working fine.
>>
>> Regards,
>> Baran
>> --
>> View this message in context:
>> http://www.nabble.com/Session-Management-tp23074591p23076002.html
>> Sent from the Struts - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Session-Management-tp23074591p23076293.html
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Management
Posted by Paweł Wielgus <po...@gmail.com>.
Hi,
yes it's the case,
because if You are firing ajax request to server it doesn't really
care if it's ajax or plain html request,
so the responsibility to behave properly is on the page side.
I don't know if your interceptor returning html code (page) is ok for You?
Or maybe it should return something else to tell the page to reload all of it?
Because as i think You would like to achieve such scenario:
1. user session is lost
2. user clicks on a link (ajax call)
3. interceptor catches the call and states that it's not allowed
4. page is getting some kind of info that this request is no more
accessible and it should go to loginPage.jsp - total reload of the
page
I haven't been doing such things so i won't help You much with it more.
Best greetings,
Paweł Wielgus.
2009/4/16 Baran <ba...@gmail.com>:
>
> Hi,
>
> Okay, this is the response I get, I did used the same thing that you are
> suggesting, Can it be an issue that I am using AJAX, as the html code of the
> login page is coming as a response of the http request I am making, do I
> have to redirect it via my JSP page(using javascript)? As otherwise I guess
> the whole thing is working fine.
>
> Regards,
> Baran
> --
> View this message in context: http://www.nabble.com/Session-Management-tp23074591p23076002.html
> Sent from the Struts - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Management
Posted by Baran <ba...@gmail.com>.
Hi,
Okay, this is the response I get, I did used the same thing that you are
suggesting, Can it be an issue that I am using AJAX, as the html code of the
login page is coming as a response of the http request I am making, do I
have to redirect it via my JSP page(using javascript)? As otherwise I guess
the whole thing is working fine.
Regards,
Baran
--
View this message in context: http://www.nabble.com/Session-Management-tp23074591p23076002.html
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Management
Posted by Paweł Wielgus <po...@gmail.com>.
Hi,
look at line:
return Action.LOGIN;
this is the place where interceptor is returning simple string which
represents forward,
in my case i have "logon" defined in struts.xml
like this:
<global-results>
<result name="logon">/WEB-INF/pages/logon.jsp</result>
</global-results>
Hope that helps,
Paweł Wielgus.
2009/4/16 Baran <ba...@gmail.com>:
>
> Hi,
>
> I guess I am fine with the intercepter side, but the issue is I am not able
> to redirect it to a new page. The intercepter is working fine, but the
> respone is coming back to the same page and not to the login page.
>
> Any thing that I might be missing in the struts.xml or somewhere? coz
> intercepter is fine all I need is to send it to new page.
>
> Thanks
>
> Lukasz Lenart wrote:
>>
>> package example3;
>>
>> import com.opensymphony.xwork2.Action;
>> import com.opensymphony.xwork2.ActionInvocation;
>> import com.opensymphony.xwork2.interceptor.Interceptor;
>>
>> /**
>> *
>> * @author Lukasz
>> */
>> public class LoginInterceptor implements Interceptor {
>>
>> public void destroy() {
>> }
>>
>> public void init() {
>> }
>>
>> public String intercept(ActionInvocation arg0) throws Exception {
>> if (arg0.getAction() instanceof LoginAction) {
>> return arg0.invoke();
>> }
>> String user = (String)
>> arg0.getInvocationContext().getSession().get("user");
>> if ( user == null || "".equals(user)) {
>> return Action.LOGIN;
>> } else {
>> return arg0.invoke();
>> }
>> }
>>
>> }
>>
>>
>> Regards
>> --
>> Lukasz
>> http://www.lenart.org.pl/
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>>
>
> --
> View this message in context: http://www.nabble.com/Session-Management-tp23074591p23075474.html
> Sent from the Struts - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Management
Posted by Baran <ba...@gmail.com>.
Hi,
I guess I am fine with the intercepter side, but the issue is I am not able
to redirect it to a new page. The intercepter is working fine, but the
respone is coming back to the same page and not to the login page.
Any thing that I might be missing in the struts.xml or somewhere? coz
intercepter is fine all I need is to send it to new page.
Thanks
Lukasz Lenart wrote:
>
> package example3;
>
> import com.opensymphony.xwork2.Action;
> import com.opensymphony.xwork2.ActionInvocation;
> import com.opensymphony.xwork2.interceptor.Interceptor;
>
> /**
> *
> * @author Lukasz
> */
> public class LoginInterceptor implements Interceptor {
>
> public void destroy() {
> }
>
> public void init() {
> }
>
> public String intercept(ActionInvocation arg0) throws Exception {
> if (arg0.getAction() instanceof LoginAction) {
> return arg0.invoke();
> }
> String user = (String)
> arg0.getInvocationContext().getSession().get("user");
> if ( user == null || "".equals(user)) {
> return Action.LOGIN;
> } else {
> return arg0.invoke();
> }
> }
>
> }
>
>
> Regards
> --
> Lukasz
> http://www.lenart.org.pl/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Session-Management-tp23074591p23075474.html
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Management
Posted by Lukasz Lenart <lu...@googlemail.com>.
package example3;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
/**
*
* @author Lukasz
*/
public class LoginInterceptor implements Interceptor {
public void destroy() {
}
public void init() {
}
public String intercept(ActionInvocation arg0) throws Exception {
if (arg0.getAction() instanceof LoginAction) {
return arg0.invoke();
}
String user = (String)
arg0.getInvocationContext().getSession().get("user");
if ( user == null || "".equals(user)) {
return Action.LOGIN;
} else {
return arg0.invoke();
}
}
}
Regards
--
Lukasz
http://www.lenart.org.pl/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Management
Posted by Baran <ba...@gmail.com>.
Hello Paul,
Thanks for the prompt response, I guess that is a right way to do, but plz
suggest me how can i redirect my control to the login page. Can u plz get me
the syntax, the interceptor thing is ready all i need to do is to redirect
if session is not there...
Thanks
Baran
Paweł Wielgus wrote:
>
> Hi Baran,
> You can check for this in interceptor in struts2 or in mainservlet in
> struts1.
>
> Best greeitings,
> Paweł Wielgus.
>
> 2009/4/16 Baran <ba...@gmail.com>:
>>
>> Hello All,
>>
>> I have this common scenario of handling sessions. The scenario is:
>>
>> 1. To check session on the jsp side when ever a page is loaded. This is
>> fairly simple and can be done without much hassle.
>>
>> 2. Lets say the page is left unattended and the session expires but the
>> user
>> is still on that authenticated page. Not the thing is how can I make sure
>> that any such request is not processed and is redirected to the login
>> page.
>> I can check the session availability but how can I redirect the control
>> to
>> login page.
>>
>> One more thing, I am working on YUI + Ajax based application, so
>> basically
>> all the action requests are via javascript.
>>
>> Any help would be appreciated.
>>
>> Baran
>> --
>> View this message in context:
>> http://www.nabble.com/Session-Management-tp23074591p23074591.html
>> Sent from the Struts - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Session-Management-tp23074591p23074831.html
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Management
Posted by Paweł Wielgus <po...@gmail.com>.
Hi Baran,
You can check for this in interceptor in struts2 or in mainservlet in struts1.
Best greeitings,
Paweł Wielgus.
2009/4/16 Baran <ba...@gmail.com>:
>
> Hello All,
>
> I have this common scenario of handling sessions. The scenario is:
>
> 1. To check session on the jsp side when ever a page is loaded. This is
> fairly simple and can be done without much hassle.
>
> 2. Lets say the page is left unattended and the session expires but the user
> is still on that authenticated page. Not the thing is how can I make sure
> that any such request is not processed and is redirected to the login page.
> I can check the session availability but how can I redirect the control to
> login page.
>
> One more thing, I am working on YUI + Ajax based application, so basically
> all the action requests are via javascript.
>
> Any help would be appreciated.
>
> Baran
> --
> View this message in context: http://www.nabble.com/Session-Management-tp23074591p23074591.html
> Sent from the Struts - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org