That one is pretty simple: - Use a GET request so the programId is part of the URL. - Store the whole URL, including the query string. - Redirect back to the URL (including query string) after the login.
The more difficult case is POSTed parameters that don't show up on the query string. All redirects are GETs -- you can't send a reirect that will result in a POST. The ONLY ways you can transparently handle keeping POSTed parameters across a login event is with container-managed security or with a filter. There is no request.setParameter() method, so there is no other way to shove the originally POSTed parameters into a later request. Harder still is multi-part file uploads! I haven't tested my SecurityFilter project with file uploads, but I suspect that it would fail. I haven't tested container-managed security under the file upload condition either -- for all I know, they might fail, too. Keeping request parameters across a login event is one of the subtle things that container-managed security (or my filter-based clone, SecurityFilter) does for you. Trying to support this well in a proprietary turns out to harder than it at first seems (but you can look at SecurityFilter for an example). -Max http://www.securityfilter.org/ ----- Original Message ----- From: "Lukas Österreicher" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, November 19, 2003 9:23 AM Subject: Preserving original request until after login redirect > Hello > > I have recently posted a problem I had and then > was told to look at "Redirecting after Logon". > > As far as I have seen (I think I do not have all posts though) > this is not a solution for me as it uses predefined structures > already hardwired into struts. > > My Problem is the following: > I have user-defined user bean which is put into the > session indicating which user is logged in with that session. > Most pages require the user to be logged in, some do not > (this is checked for in each Action). > > Now, for instance I have a page that lists radio > programs. Clicking on one should display the tracks > that are contained in a specific program. For this > a programId parameter is passed in a form. > > The program list page is browsable without > authentication, but the track list page is not. > > So when the user is already logged the tracklist > will just be displayed, if it is not, the request containing > the programId parameter should be saved, then a login > should be done - displaying a login page where the > user enters username and password and upon login > the user is redirected to the track list page. > > I can manage the redirection ofcorse, but I do not know > how to store and restore the request data properly > (in this case, as redirection is done, also the before > saved request containing the programId parameter > is restored as if the action to which is referred to again > was called by a form (but in this case it is redirected > to from an Action). > > Do you know how to do this? > > Thanx in Advance, > Lukas > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
