[jboss-user] [JBoss Seam] - Re: how to stop unknown user from seeing a page
dbatcn
do-not-reply at jboss.com
Wed Jul 19 21:22:07 EDT 2006
Hmmm, I just tried this. How does one do it correctly? A simple implementation of that falls into an infinite loop between the browser and Seam/Faces:
There's a "login.xhtml" page associated with a "login" action and a "groups.xhtml" page associated with a "groups" action. After a successful login, the application should take you to the groups page. The very first time the groups page is invoked, it detects that the user is not logged in and correctly redirects to the login page. However, after the successful login, it seems that the page action and the faces navigation just bounce back and forth with the browser.
pages.xml:
| <pages>
| <page view-id="/groups.xhtml" action="#{groupManager.forceLogin}"/>
| </pages>
|
faces-config.xml snippet:
| <navigation-case>
| <from-outcome>login</from-outcome>
| <to-view-id>/login.xhtml</to-view-id>
| <redirect />
| </navigation-case>
| <navigation-case>
| <from-outcome>groups</from-outcome>
| <to-view-id>/groups.xhtml</to-view-id>
| <redirect />
| </navigation-case>
|
snippet of the group manager bean:
| @Stateful
| @Name("groupManager")
| @Scope(SESSION)
| @LoggedIn
| public class GroupManagerBean implements GroupManager, Serializable {
| ...
| public String forceLogin() {
| String forcedAction;
| if ( LoggedInInterceptor.isLoggedIn() ) {
| forcedAction = "groups";
| }
| else {
| forcedAction = "login";
| facesMessages.add("#{messages.infoLoginRequired}");
| }
| System.out.println("GroupManagerBean.forceLogin() returning "+forcedAction);
| return forcedAction;
| }
| ...
| }
|
LoggedInInterceptor.java snippet
| @Around({BijectionInterceptor.class, ValidationInterceptor.class,
| ConversationInterceptor.class, BusinessProcessInterceptor.class})
| @Within(RemoveInterceptor.class)
| public class LoggedInInterceptor {
|
| ...
|
| public static boolean isLoggedIn() {
| boolean isLoggedInNow = Contexts.getSessionContext().get("loggedIn")!=null;
| System.out.println("LoggedInInterceptor.isLoggedIn() returning "+isLoggedInNow);
| return isLoggedInNow;
| }
|
| }
|
console output:
| 17:59:44,976 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning false
| 18:00:07,210 INFO [STDOUT] LoginAction.login() returning groups
| 18:00:07,226 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,226 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,226 INFO [STDOUT] GroupManagerBean.forceLogin() returning groups
| 18:00:07,242 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,242 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,242 INFO [STDOUT] GroupManagerBean.forceLogin() returning groups
| 18:00:07,257 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,257 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,257 INFO [STDOUT] GroupManagerBean.forceLogin() returning groups
| 18:00:07,273 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,288 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,288 INFO [STDOUT] GroupManagerBean.forceLogin() returning groups
| 18:00:07,304 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,304 INFO [STDOUT] LoggedInInterceptor.isLoggedIn() returning true
| 18:00:07,304 INFO [STDOUT] GroupManagerBean.forceLogin() returning groups
| .
| .
| .
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959395#3959395
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959395
More information about the jboss-user
mailing list