Re: Wicket-Security How do you pass an error to the login page?

Tue, 04 Mar 2008 13:10:23 -0800 

How about not invalidating the session but just log off the user. That
way you can use session.error(...) and still let the user know about
what happened as long as they make another request before the session
times out.

There is only one extra thing you need to do,
Starting with version 1.3.0 wasp automatically invalidates the session
for you if you use session.logoff(....)
public boolean logoff(Object context)
        {
                if (securityStrategy != null && 
securityStrategy.logoff(context))
                {
                        if (securityStrategy.isUserAuthenticated())
                                dirty();
                        else
                                invalidate();
                        return true;
                }
                return false;
        }
you can either choose to overwrite WaspSession.logoff or bypass the
session.logoff(...) and use strategy.logoff(...) directly.

Maurice

On Tue, Mar 4, 2008 at 7:15 PM, Warren <[EMAIL PROTECTED]> wrote:
> I have a use case that says that one user can only be logged on to one
>  device at a time. The way I implemented this is by allowing the user to log
>  on to a second device which would intern log them off the first device. I
>  have done this by having the session look for other sessions that have the
>  same user and then logging them off of that other session. This works fine,
>  but I would like to give the user of the first device a reason why they were
>  logged off. Here is the code I am using to log the other session off:
>
>  session2 calls:
>
>  session1.autoLogOff(String logOutMessage);
>
>
>  autoLogOff(String logOutMessage)
>
>         if(logoff(MyApp.getLogoffContext()))
>         {
>                 invalidate();
>                 error(logOutMessage);
>         }
>
>  I can not call error(logOutMessage) since the session has been invalidated.
>  And I can not pass any message to the first device since the login page will
>  be called internally when the first device makes its next request and is
>  redirected to the login page. Is there any way to pass a message to the
>  first device's login page after the second device has invalidated the first
>  device's session?
>
>  Thanks,
>
>  Warren Bell
>
>
>  ---------------------------------------------------------------------
>  To unsubscribe, e-mail: [EMAIL PROTECTED]
>  For additional commands, e-mail: [EMAIL PROTECTED]
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to