Re: Redirect from within Session
Re: Redirect from within Session
- Subject: Re: Redirect from within Session
- From: LD <email@hidden>
- Date: Mon, 10 Oct 2005 14:47:11 +1000
Hi there,
On 10/10/2005, at 6:28 AM, Colin Shreffler wrote:
I need to forward a user to a Login page if they are not
authenticated...
I believe the best way to do this is from within the Session object’s
constructor.
If you test for credentials in a constructor all you could do would
be set a boolean value to true or false and then determine the
content displayed based on that. i.e., Constructors cannot return
objects other than the object being constructed.
It'll be easier overriding appendToResponse in a super component (see
below) and then simply sub-class the relevant components that require
an authenticated user.
public class AnyComponentRequiringAnAuthUser extends
AuthenticatedComponent {
<...>
}
public class AuthenticatedComponent extends WOComponent {
public AuthenticatedComponent( WOContext context ) {
super( context );
}
// Properties file options:
// -> (optional) USER_AUTH_HANDLER_PATH (defaults to
'authenticateUser')
// change the setting to the path to direct action
desired.
// The default assumes authenticateUserAction is
implemented
// in DirectAction.java.
//
// -> (optional) USER_AUTH_USES_SSL in (defaults to false)
//
public void appendToResponse( WOResponse aResponse, WOContext
aContext ) {
String handlerKey;
String handlerPath;
String queryString;
boolean isSecure;
int somePort;
WORedirect redirect;
if ( hasSession() ) {
Session session = ( Session )session();
if ( session.isUserAuthenticated() ) {
// display the component as normal
super.appendToResponse( aResponse, aContext );
return;
}
queryString = "wosid=" + session.sessionID();
} else {
queryString = null;
}
handlerKey = application().directActionRequestHandler();
handlerPath = NSProperties.getProperty
( "USER_AUTH_HANDLER_PATH", "authenticateUser" );
isSecure = NSPropertyListSerialization.booleanForString
( NSProperties.getProperty( "USER_AUTH_USES_SSL", "NO" ) );
somePort = isSecure ? 443 : 80;
redirect = new WORedirect( aContext );
redirect.setUrl( aContext.completeURLWithRequestHandlerKey
( handlerKey, handlerPath, queryString, isSecure, somePort ) );
redirect.appendToResponse( aResponse, aContext );
}
}
DirectAction.java:
//
// rough pseudo outline
// you can utilise this same method for redirects as well
// as checking the form submittion from the login panel
//
// if method == POST, check user credentials etc
// else display login screen
//
public WOActionResults authenticateUserAction() {
if ( request().method().toUpperCase().equals( "POST" ) &&
request().headerForKey( "referer" ).indexOf
( "my.domain.com" ) >= 0 )
{
// insert logic to validate user here
//
if ( validated user is true ) {
Session session = session();
session.setAuthenticatedUser( ); // or something like that
return pageWithName( "Main" );
}
}
// display login screen
return pageWithName( "Login" );
}
with regards,
--
LD
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden