Thanks to all for your responses to my "getting access to
HttpServletResponse" posting. I've considered all of the suggestions, but
let me try to explain why I still think JSP components should have access to
HttpServletResponse and/or RequestDispatcher.
Specific Problem:
A JSP component that needs certain session information initialized before it
can perform its tasks. For instance, if an authenticated network connection
is not found in the session, the user is redirected to a login page.
Solution Proposed:
Use JSP .92 Model 2. Model 2 is basically this:
browser -> servlet/myservlet -> page1.jsp -> browser
For a more detailed description please download spec at
http://java.sun.com/products/jsp/index.html.
Under this model, the user always accesses my servlet and sees a URL of the
form http://server/servlet/myservlet?querystring
A Model 2 servlet can intercept unauthenticated user sessions and direct the
user to a login page. In that sense the problem is solved, but when using
Model 2 all JSP components must be used with myservlet or they may encounter
unauthenticated sessions and fail. My first major point is that **there is
no feasible way to integrate JSP components from two Model 2 applications
which substantially and unnecessarily limits the reusability of Model 2
components.**
If I want to build a standalone application, sign me up for Model 2, but I
don't, so that leaves me with Model 1:
browser -> page1.jsp -> browser
My second and last major point is this: **if a component inside page1.jsp
can't intelligently redirect/dispatch then I am unnecessarily limited in the
types of JSP components I can create.** An added problem is that the
component can't log error messages either.
Now, with that said why not let JSP components have access to
ServletContext/RequestDispatcher and HttpServletResponse?
---------
Stop reading unless your a glutton for workarounds. I admit that Model 1
could be used in the following circuitous manner.
browser (unauthenticated) -> page1.jsp (equipped with error directive) ->
JSP component (throws exception) -> page1.jsp (invokes error directive) ->
error.jsp (using JSP scripting error.jsp redirects to...) -> login.jsp. I
hope I don't have to argue the difficulties involved with doing that, but
I'll add that the only .92 implementation of JSP is LiveSoftware's and when
a component throws an exception the component simply returns a "null" String
and does not invoke the error directive and error.jsp.
The innovative folks at LiveSoftware do provide a global.jsa file, which
almost did the trick, but global.jsa is not standard and does not provide
access to the Request object so I was unable to obtain the REFERER so that I
could send a user back to the originally intended page after logging in.
As always I appreciate any input and hope that I'm wrong.
Help!!!!
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff JSP-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
