Hi Shameera, I went through the patch at [1]. According to the patch the convention of naming JSP pages in UI bundles with suffix "_ajax_processor" has been effected. Many have developed pages under the convention that pages ending with "_ajax_processor" will not need authentication and will be rendered without the management console parent container. With this patch we cannot render those pages without authenticating. If you are going ahead with patch like this please provide us with another way to do the same we did earlier.
[1] https://wso2.org/jira/browse/CARBON-14092 Thanks, Johann. On Wed, Jun 19, 2013 at 5:36 PM, Shameera Rathnayaka <[email protected]>wrote: > Hi, > > With existing implementation org.wso2.carbon.ui.CarbonSecuredHttpContext > prevent appearing main login page if request comes from a page name which > ends with ajaxprocessor.jsp suffix. I think this is because if we redirect > to the main page it will get load to the part of the exiting frame.as we > are using jQuery("#id").load(...) for this. I could able to handle this > scenario with callback function of that load() function. I changed the > logic to send "Unauthorized" as the responseText if session is invalid > .Then in the JS side we can simple check the responseText and set location > to login page. > > With help of this implementation we can provide user friendly UI > experiences if session has expired. > > Thanks, > Shameera. > > -- > *Software Engineer - WSO2 Inc.* > *email: shameera AT wso2.com <[email protected]> , shameera AT > apache.org<[email protected]> > * > *phone: +9471 922 1454* > * > * > *Linked in : *http://lk.linkedin.com/pub/shameera-rathnayaka/1a/661/561 > *Twitter : *https://twitter.com/Shameera_R > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
