Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

STRUTS - Remebering page access after login

 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am working on a Web App and I don't know how to do something.
I am requiring that the user login to access certain aspects of the web app. So when the user clicks on a link, I check the session for the user and if it exists, all is fine, I can go on to the link. However, if the user does not exist I redirect to the login page.
What I need to do now is after they login, go to the page they were originially requesting. So how do I store that information in the session so that I know where I am supposed to foward to after the user logs in?
Thanks.
 
Junilu Lacar
Bartender
Posts: 7486
50
Android Eclipse IDE IntelliJ IDE Java Linux Mac Scala Spring Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In our current project, we use form-based authentication to accomplish this functionality. In web.xml, you define the URLs that you want to secure, the login page URL (which can be a .do), and a login error page. The container handles the rest transparently and it works exactly as you described. That is, once you've got the proper settings in web.xml, any requests for a secured page will make the container check if there is an authenticated user for that session. If not, it remembers what the original URL requested was, then brings up the login page. Once a valid username/password is entered, the originally requested page is brought up.
There are some things you have to handle specifically in your application though such as when a password has expired and when a session times out.
You might also want to use SSL if the secure pages contain really sensitive data.
 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Junilu,
Thanks fot the response. Do you by any chance have a link to some documentation for the Web.xml file on setting up what you suggested?
Thanks.
 
Junilu Lacar
Bartender
Posts: 7486
50
Android Eclipse IDE IntelliJ IDE Java Linux Mac Scala Spring Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Gregg,
You can start here. Sorry I don't have any more links. I remember searching for "form-based authentication" a lot when we were trying to figure all this out.
 
Paul Woods
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I actually have a similiar requirement, but only a few pages where it is a requirement for the user to be logged in.
When the action is called that directs to a sensitive spot, it checks for a login as yours does. If that check fails, it sets a session value describing a struts target - which forwards back to this action after the user has logged in.
After the login action verifies the user, it checks to see if this session target value is set. If so, it then forwards the user to that target value, as opposed to the standard page after a login.
HTH.
Paul
 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That sounds like a good approach Paul. Does anyone know what is the prefered method as far as Web App Specifications go?
 
Anonymous
Ranch Hand
Posts: 18944
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi there !
Paul, how do you redirect/forward the user to the originally requested page ? Via response.sendRedirect or dynamically changing the �path� value for a struts-config.xml forward ? (is that possible?)
In fact , I�m using a ServletFilter to check if the user is properly logged. From there, I keep the requested URL in a session attribute and upon successful login , I�m sending the user back to the originally asked URL. It works fine , but I don�t like bypassing the controller via response object... I�d like a way of doing this under Struts...
Any idea ?
Tks
F�bio
 
Paul Woods
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by fabio gama:
Hi there !
Paul, how do you redirect/forward the user to the originally requested page ? Via response.sendRedirect or dynamically changing the �path� value for a struts-config.xml forward ? (is that possible?)

For my purposes mapping.findForward(target) has worked quite well. Any action that might make this call to LoginAction, I have defined as a forward in struts-config.xml, and that is the referenced target.
I am not sure about dynamically changing values in the struts-config.xml file. I've heard of it, but never done it myself.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic