Hi Derek,
Sorry about my previous email. I wasn't very clear with what I meant.
> Adam
> You say:
> "how to use the session validation mechanism to ensure that
> all pages under the client area require a 'valid' session."
Here is all the actaul code details up front (I will explain what I was trying
to do after the code section).
The overall directory structure is:
------------------------------------
(application root)
/+
+ descriptor.xml (this file is used to describe valid sessions)
+ index.xsp
+ sitemap.xmap
+ Client/
+ index.xsp
+ agency.xsp
+ jobdetail.xp
+ ........
+ maint/
+ index.xsp
+ login.xps
+ agencydetails.xsp
+ ........
Sitemap.xmap pipelines:
------------------------
<map:match pattern="">
<map:generate src="Client/index.xsp" type="serverpages"/>
<map:transform src="Style/QGML2html.xsl"/>
<map:serialize type="html"/>
</map:match>
<map:match pattern="index.xsp">
<map:generate src="Client/index.xsp" type="serverpages"/>
<map:transform src="Style/QGML2html.xsl"/>
<map:serialize type="html"/>
</map:match>
<map:match pattern="Client/*.xsp">
<map:act type="session-validator">
<map:parameter name="descriptor" value="context://descriptor.xml"/>
<map:parameter name="validate-set" value="is-client-session-ok"/>
<map:match pattern="Client/*.xsp">
<map:generate src="Client/{1}.xsp" type="serverpages"/>
<map:transform src="Style/{1}_C2html.xsl"/>
<map:serialize type="html"/>
</map:match>
</map:act>
<map:redirect-to uri="/index.xsp"/>
</map:match>
descriptor.xml:
----------------
<root>
<parameter name="user.type" type="string" nullable="no" min-len="1"
max-len="20" />
<parameter name="user.agency.id" type="string" nullable="yes" min-len="1"
max-len="11"/>
<parameter name="user.agency.name" type="string" nullalbe="yes"
min-len="1" max-len="50"/>
<!-- Client section validation rule set -->
<constraint-set name="is-client-session-ok">
<validate name="user.type"/>
</constraint-set>
</root>
How I was hoping it would work:
--------------------------------
The Client/index.xsp page contains some <xsp:logic> code that is capable of
determining the values for session attributes 'user.type', 'user.agency.id' and
'user.agency.name'.
The 'user.type' session attribute is set by Client/index.xsp page and required
by all other Client/*.xsp pages.
I was hoping to use the sitemap.xmap to help ensure that all Client/*.xsp pages
can only be reached if the session is valid by using a session-validator in the
Client/*.xsp matcher entry in the sitemap.
Solution is not quite right:
-----------------------------
If I use the url http://localhost/ I get redirected to
http://localhost/Client/index.xsp.
The Client/index.xsp page sets the appropriate session attributes (I have used
some debug statements to check that they are being set).
If I try to follow a hyperlink from Client/index.xsp to Client/agency.xsp I
keep getting redirected back to Client/index.xsp. I can't seem to use any of
the other Client/*.xsp pages as I keep getting redirected back to
Client/index.xsp
The only thing that I can think is that the session validation isn't working
properly - I wonder if the descriptor.xml file is in the right directory
(should it be in the Client subdirectory?)
I think I am really close, but I just know I have done something silly :-(
Ad.
=====
Adam Flegman - Senior Software Engineer
Mobile: (0414) 375 735
Phone: (07) 5547 8530
Facsimile: (07) 5547 8532
Email #1: [EMAIL PROTECTED]
Email #2: [EMAIL PROTECTED]
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
