Jon Tirsen wrote:
> Yeah, but maybe he doesn't want the application server to show a login-page
> only at request from the user.
Another thing: the Servlet specification 2.2 says something about how you can
specify a login form to be shoved in the user's face if he goes somewhere that
requires him to be authenticated, and that containers must handle the page
flow--i.e. if the user was headed for ProtectedPage.html, then rerouted to
LoginForm, then when he's done he should go back to ProtectedPage.html.
This is presented as though it is a problem unique to login scenarios, but what
gets me is that it's a very generic problem that is being solved in a very
specific way! There are many occasions where the user wants to hit PageX.html,
but in order to properly render PageX, the system needs to know some additional
information first. For example, there are many ecommerce sites on the web that
allow you to attempt to place an order without entering any information about
yourself. Should you actually get so far as to try to *fulfil* the order, then
they route you to various info screens (i.e. enter shipping information and
credit card info) in exactly the same sort of way that they might have routed
you to login!
Another way to think of this general problem is that if you were coding up the
order application given as an example above, you would probably end up making
the enter billing information screen a modal dialog box, which would effectively
"return" you to "where you had been" when you are done with it.
The web, of course, has no such modal dialog box construct (I'm ignoring
JavaScript for the moment (actually for all time :-))), so instead it handles it
with interposed page flows, like that of a login screen being interposed between
The Place Where The User Is Now and The Place Where He Wants To Go.
<semi-vendorish range="off topic, sorta">
Here at Time0, we're working on a framework that would make this kind of
how-do-you-present-the-equivalent-of-a-modal-dialog-box-on-the-Web problem more
simple to deal with.
<opinion status=personal>
I'll see if bits of it can't be made open source, but no promises.
</opinion>
</semi-vendorish>
Cheers,
Laird
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
