Re: security and redirects [SOLVED]
Re: security and redirects [SOLVED]
- Subject: Re: security and redirects [SOLVED]
- From: Greg Kick <email@hidden>
- Date: Sun, 17 Oct 2004 13:13:19 -0700
Bob,
Thanks. For some reason or another, pageWithName escaped me as a place
to implement this, but it should be perfect. And just to clarify to
MacFirst, and anyone that finds this useful, this solution is ideal
because you don't have to implement it in every action explicitly.
Anyway, thanks again Bob.
Greg
On Oct 17, 2004, at 8:55 AM, Bob Stuart wrote:
To achieve this I used a interface LoginRequiredInterface and check
during pageWithName. loginTest just does whatever on session is
required for proving the user is logged in. You could do the same just
checking the pageName against the list of protected pages. I throw
during pageWithName so that I get to handleException returning the
login page. I didn't return the login page during pageWithName since
it might be a subcomponent and really messed up runtime cast problems.
pseudo code there was a lot of other stuff I ripped out. Not sure this
compiles but should explain the concept.
In Application
public WOComponent pageWithName(String name, WOContext context){
pageToReturn = super.pageWithName(name,context);
if ((pageToReturn instanceof LoginRequiredInterface) &&
( session == null || !session.loginTest() ){
throw new LoginException(); }
}
return pageToReturn;
}
public WOResponse handleException(Exception anException, WOContext
aContext){
WOResponse responseToReturn;
if (anException instanceof LoginException){
responseToReturn =
super.pageWithName("Login",aContext).generateResponse();
} else {
responseToReturn =
super.handleException(anException, aContext);
}
return responseToReturn;
}
At 3:16 AM -0700 10/17/04, Greg Kick wrote:
I am trying to implement a system for securing components in which
the components that are restricted are listed in an xml file. The
application reads that file and if a user tries to access a component
listed without having authenticated the application will redirect
him/her to a login page. I have gotten the xml portion and the
comparison to work without any problems, but i am having trouble
finding a way to implement the redirect. Also, I want the redirect
to happen before the construction of the restricted component if
possible. I have tried diverting the process at just about every
point in the request-response loop I can find, but so far, no luck.
Any suggestions?
Greg
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
email@hidden
This email sent to email@hidden
--
Bob Stuart
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden