Re: session expiration issue and tiles

Fri, 08 Apr 2005 13:28:15 -0700 

Dave:
I have user types with varying level of privileges and only a defined
user type can access a particular page.  I thought of using filter for
this purpose, but not sure how to designate which layout*.jsp (have
created multiple layout.jsp pages for varying user types: e.g. admin
can access layout1.jsp, user can access layout2.jsp) can be accessed
by which user type.  I could not use ldaprealm as system
administrators disagreed to storing password in server.xml file (which
is needed to read group membership)(I could have used container
managed security), so I am using tiles-layout page for the
verification.  This auth piece is at the top of the page,  so I don't
see the page already outputting to the HTTP connection before this
script executes.

On Apr 8, 2005 11:55 AM, Dave Newton <[EMAIL PROTECTED]> wrote:
> sudip shrestha wrote:
> 
> >----------------------------------------------------------
> >I have few layout.jsp templates  where I have following chuck of code
> >which should redirect the browser to login page if session expires:
> ><%   String loginCheck = "notLoggedIn";
> >       if( session.getAttribute( "session_unique_id" )!=null )
> >       {
> >               loginCheck = (String)session.getAttribute( 
> > "session_unique_id" );
> >       }
> >       if( !loginCheck.equals("admin0") )
> >       {
> >%>
> >               <logic:redirect forward="loginPage"/>
> ><%   }
> >%>
> >
> >But when session expires, or when somebody who is not 'admin0' tries
> >to access the page, they get a blank page instead of getting
> >redirection.  I have tried using jsp:forward directive as well, but
> >the result is same.
> >If anybody has any suggestion on this, please let me know.
> >
> >
> Put this logic somewhere else like a filter or request processor.
> 
> Not knowing the full layout of your tiles I'd say that you've probably
> already output to the HTTP connection, which means you can't redirect
> anymore. Just a guess. In any case this is handled _far_ better some
> place other than the presentation layer, especially if you have the same
> code in more than one place--sketchy.
> 
> Dave
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to