You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tapestry.apache.org by George Christman <gc...@cardaddy.com> on 2011/07/26 15:14:34 UTC

Tapestry Zone and Expired Session

Hello, I'm looking to redirect my page to the login page when the user tries
to render a Tapestry Zone with an expired session. Does anybody have a good
solution for this scenario?

--
View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-Zone-and-Expired-Session-tp4634714p4634714.html
Sent from the Tapestry - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Zone and Expired Session

Posted by "Thiago H. de Paula Figueiredo" <th...@gmail.com>.

On Tue, 26 Jul 2011 10:19:24 -0300, Josh Canfield <jo...@gmail.com>  
wrote:

> I believe you can return a Link from the event handler and tapestry will
> redirect the whole page.

A page instance or Class instance will work too. To check the lack of  
session, @Inject Request and check if getSession(false) returns null.

-- 
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,  
and instructor
Owner, Ars Machina Tecnologia da Informação Ltda.
http://www.arsmachina.com.br

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Zone and Expired Session

Posted by Josh Canfield <jo...@gmail.com>.

I believe you can return a Link from the event handler and tapestry will
redirect the whole page.
On Jul 26, 2011 6:15 AM, "George Christman" <gc...@cardaddy.com> wrote:
> Hello, I'm looking to redirect my page to the login page when the user
tries
> to render a Tapestry Zone with an expired session. Does anybody have a
good
> solution for this scenario?
>
> --
> View this message in context:
http://tapestry.1045711.n5.nabble.com/Tapestry-Zone-and-Expired-Session-tp4634714p4634714.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>

Re: Tapestry Zone and Expired Session

Posted by antalk <an...@intercommit.nl>.

AccesDeniedException comes from tapestry-spring-security
(http://people.apache.org/~uli/tapestry-site/spring-security.html) which is
what our company (sites) uses for identification. But you are free to choose
whatever security framework you like or need.

--
View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-Zone-and-Expired-Session-tp4634714p4635044.html
Sent from the Tapestry - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Zone and Expired Session

Posted by "Thiago H. de Paula Figueiredo" <th...@gmail.com>.

On Tue, 26 Jul 2011 11:29:31 -0300, George Christman  
<gc...@cardaddy.com> wrote:

> Hi guys, where does AccessDeniedException exist?

I guess it was just one fictional example . ..

> Thiago, love the mixin
> approach, not entirely sure how to create one though.

To begin with, if you haven't yet, you need to understand what a Tapestry  
mixin is, how it works and what can it do. It's a little bit surprising at  
first, but it's very, very powerful. Take a look at the documentation and  
the JumpStart examples.

The mixin itself is just copying your code to a new class under the mixins  
subpackage:

public class HandleAccessDeniedException {
	Object onException(Throwable cause) {
                 if (cause.getCause() instanceof AccessDeniedException) {
                         if (request.isXHR()) {
                                 return loginPage;
                         }
                 }
                 return null;
         }
}

-- 
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,  
and instructor
Owner, Ars Machina Tecnologia da Informação Ltda.
http://www.arsmachina.com.br

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Zone and Expired Session

Posted by George Christman <gc...@cardaddy.com>.

Hi guys, where does AccessDeniedException exist? Thiago, love the mixin
approach, not entirely sure how to create one though.

--
View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-Zone-and-Expired-Session-tp4634714p4635001.html
Sent from the Tapestry - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Zone and Expired Session

Posted by "Thiago H. de Paula Figueiredo" <th...@gmail.com>.

On Tue, 26 Jul 2011 10:57:22 -0300, antalk <an...@intercommit.nl> wrote:

> I'm using an onException method in a 'base' page class (from which all  
> pages extend):

You can easily turn this nice code into a mixin and not-so-easily apply it  
to all pages implementing a ComponentClassTransformWorker (get the  
MutableComponentModel and use its addMixinClassName() method) instead of  
using inheritance.

>
> 	Object onException(Throwable cause) {
> 		if (cause.getCause() instanceof AccessDeniedException) {
> 			if (request.isXHR()) {
> 				return loginPage;
> 			}
> 		}
> 		return null;
> 	}
>
>
> This way if a page throws an accessdeniedexception (in case of a session
> timeout) AND the request is an AJAX type, then redirect the user back to  
> the
> loginPage;
>
>
>
> --
> View this message in context:  
> http://tapestry.1045711.n5.nabble.com/Tapestry-Zone-and-Expired-Session-tp4634714p4634876.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>


-- 
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,  
and instructor
Owner, Ars Machina Tecnologia da Informação Ltda.
Consultor, desenvolvedor e instrutor em Java, Tapestry e Hibernate
http://www.arsmachina.com.br

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Zone and Expired Session

Posted by antalk <an...@intercommit.nl>.

I'm using an onException method in a 'base' page class (from which all pages
extend):

	Object onException(Throwable cause) {
		if (cause.getCause() instanceof AccessDeniedException) {
			if (request.isXHR()) {
				return loginPage;
			}
		}
		return null;
	}


This way if a page throws an accessdeniedexception (in case of a session
timeout) AND the request is an AJAX type, then redirect the user back to the
loginPage;



--
View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-Zone-and-Expired-Session-tp4634714p4634876.html
Sent from the Tapestry - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Zone and Expired Session

Posted by George Christman <gc...@cardaddy.com>.

Thanks guys, I'd like to test both approaches. I like how Taha's approach at
least gives the user a warning before automatically redirecting. However,
I'm not sure how to get to the tap js file and would this break when making
framework upgrades?

--
View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-Zone-and-Expired-Session-tp4634714p4634851.html
Sent from the Tapestry - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Zone and Expired Session

Posted by Taha Hafeez <ta...@gmail.com>.

Hi

I was facing the same problem. What I did is a hack but it works wonders for me

In the tapestry.js file

			onSuccess : function(response, jsonResponse) {
				
				/*
				 * When the page is unloaded, pending Ajax requests appear to
				 * terminate as successful (but with no reply value). Since
				 * we're trying to navigate to a new page anyway, we just ignore
				 * those false success callbacks. We have a listener for the
				 * window's "beforeunload" event that sets this flag.
				 */
				if (Tapestry.windowUnloaded)
					return;
				
				/*
				 * Prototype treats status == 0 as success, even though it seems
				 * to mean the server didn't respond.
				 */
				if (!response.getStatus() || !response.request.success()) {
					Tapestry.error(Tapestry.Messages.ajaxRequestUnsuccessful);
					return;
				}

                                /**************** THIS IS THE PART I
ADDED **************************/
				if(response.getHeader("Content-type").indexOf("text/html") == 0 &&
						response.responseText.indexOf("<!DOCTYPE") == 0){
					
					alert("Session expired. Please login again");
					window.location.href = "/sessionexpired"; //redirect to some page
					return;
				}
				 /**************** THIS IS THE PART I ADDED **************************/
				
				try {
					/* Re-invoke the success handler, capturing any exceptions. */
					successHandler.call(this, response, jsonResponse);
				} catch (e) {
					finalOptions.onException.call(this, ajaxRequest, e);
				}
			}
		});

regards
Taha


On Tue, Jul 26, 2011 at 6:44 PM, George Christman
<gc...@cardaddy.com> wrote:
> Hello, I'm looking to redirect my page to the login page when the user tries
> to render a Tapestry Zone with an expired session. Does anybody have a good
> solution for this scenario?
>
> --
> View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-Zone-and-Expired-Session-tp4634714p4634714.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org