Re: PPR and session timeout

Tue, 18 Jul 2006 00:05:28 -0700 

There was a discussion about this problem, see this thread in the
archives for the details:
http://mail-archives.apache.org/mod_mbox/incubator-adffaces-dev/200606.mbox/browser

I've found a tricky workaround, that involves putting some javascript
in your login page to make it open itself in a popup window when its
loaded in the ppr iframe:

 <script type="text/javascript">

   // NOTE this is a workaround for an issue when using Trinidad
   // PPR requests and container-managed security

   // This is a temporary workaround while waiting for Trinidad to use
   // XmlHTTPRequest instead of hidden IFRAMEs for partial page rendering

   function checkPPR() {
     var loginForm = document.getElementById("loginForm");
     if ("_pprIFrame" == window.name) {
       // Reload myself in a window with a fixed name
       var loginWindow = window.open(window.location, "_pprLoginWindow",
                "menubar=0,resizable=1,width=350,height=250");
       loginForm.location = window.location;
     }
     if ("_pprLoginWindow" == window.name) {
       // Now I'm in the window, set the target back to the hidden iframe
       loginForm.target = "_pprIFrame";
     }
   }

   function checkPPRClose() {
     // This script trigger also when the login is wrong.. so the
     // "login failed" page must also do something to show
     // itself outside of the hidden iframe.
     if ("_pprLoginWindow" == window.name) {
       // The timeout is required to allow performing
       // the form submit before closing the window
       setTimeout('window.close()', 3000);
     }
   }

 </script>
</head>
<body onload="checkPPR();">
  <!-- standard action and field names for contained managed security -->
  <form id="loginForm" method="POST" action="j_security_check"
     onsubmit="checkPPRClose();">


Far from perfect, but it allows the user to escape from the lock that
would occours otherwise. If you come up with a better solution please
share it.


regards
Cosma

2006/7/18, Jeantine Mankelow <[EMAIL PROTECTED]>:

We are using adf's ppr features in our web based product.  This all
works fine until the session times out and the users tries to do
something which would cause a ppr on the already loaded page.  To the
user if appears as if nothing happens, when in fact what is happening is
the login page is getting rendered in the iFrame.

Any ideas on how we can direct the page the user can see to the login page?

Thanks,
Jeantine

Reply via email to