[Opensource] Forward to another jsp if session timeout
Innovest Ken
innovest_11 at yahoo.com
Sat Sep 28 20:27:58 PDT 2002
hi Mike and Larry
The following are my codes to redirect to the error
page if the user does not have the required privileges
in httpsession:
public ControllerResponse newState(String newState,
ControllerRequest request) throws ControllerException,
NonHandleableException
{
HTTPPersistentSession s =
(HTTPPersistentSession)request.getSession();
//Checking for the priv_id from request is in the
privList in the HttpSession object
if (newState.equals("GetPromo"))
{
Hashtable privList =
(Hashtable)s.getPersistentAttribute("privList");
String priv_id = request.getParameter("priv_id");
if (!privList.containsKey(priv_id))
{
ControllerResponse resp = new ControllerResponse();
errPage("No permission to access this module!",
request, resp);
return resp;
}
}
ControllerResponse resp = super.newState(newState,
request);
return resp;
}
private void errPage(String error, ControllerRequest
request, ControllerResponse response)
{
try
{
response.setCustomResponse(true);
HttpServletRequest req =
(HttpServletRequest)((ServletControllerRequest)request).getServletRequest();
RequestDispatcher dispatcher =
req.getRequestDispatcher("/spear/jsp/access/errPage.jsp");
HttpServletResponse resp =
(HttpServletResponse)((ServletControllerRequest)request).getServletResponse();
req.setAttribute("error", error);
dispatcher.forward(req, resp);
}
catch(Exception e)
{
e.printStackTrace();
}
}
I cannot use setstyle in newstate() because of
nullpointer in action perform(). I new
ControllerResponse(), and I want to
ControllerResponse.setRequest(), but failed because
setrequest is not public.
Anyway, the above works fine, it is able to direct me
to the error page if the user does not have the
required privilege. Want to double check with u guys
that whether my codes above are fine, whether it is
the correct methods.
If it is ok, I intend to put this as the ancestor
controller for my application so all other controllers
will inherit from this controller.
Please advise, thanks!
Innovest
--- larry hamel <expresso at codeguild.com> wrote:
>
> > We are using Expresso 4.0 version. So how do I
> have the timeout feature to bring
> >back to my login page?
>
> I'm not sure I understand your question. I suppose
> you can change to expresso version 4.1, or back-port
> the new feature to an older version, assuming that
> you're using a version of 4.0 that precedes the
> auto-redirect feature. The main code for the
> auto-redirect feature is in Controller.perform(),
> after this special case "catch":
>
> /**
> * special case: when there is no login,
> redirect to login screen
> */
> } catch (SecurityException securExcep) {
>
>
> >Anyway, how do I access the global forward in my
> controller?
>
> in a controller,
> Controller.getServlet().findForward() may help.
>
> do you know that you can forward any request to any
> jsp by using
>
> response.setStyle();
> or by adding a "style=" parameter to a URL?
>
> If you don't know about setStyle(), then please
> search the archives of this mailing list BEFORE you
> ask your next questions.
>
> for a true redirect (301), the following method on
> Controller was added at the same time as the
> auto-redirect feature:
>
> Controller.redirectRequest();
>
>
> >Innovest
> >
> >--- larry hamel <expresso at codeguild.com> wrote:
> >> perhaps I don't understand your end goal, but be
> >> advised that expresso (since about 4 months ago)
> >> automatically redirects a person who has (just)
> >> timed out right back to the login page, as
> commented
> >> in the that's-config.XML file:
> >>
> >> <global-forwards>
> >> <!-- logon is the redirection
> target
> >> when a user who isn't logged tries
> >> to access a secured page -->
> >> <forward name="logon"
> >> path="/Login.do"/>
> >>
> >> if the user authenticates successfully, the user
> is
> >> redirected automatically to the original
> >> destination.
> >>
> >> larry
> >>
> >> At 04:36 PM 9/25/2002, you wrote:
> >>
> >> >Hi Ken
> >> >
> >> >This may help
> >> >
> >> >We co-ordinate the session timeout on the server
> >> (using tomcat) with the jsp page timeout
> >> >
> >> >for tomcat - set the connectionTimeout value in
> the
> >> server.xml file
> >> >
> >> > <Connector
> >>
>
>className="org.apache.catalina.connector.http.HttpConnector"
> >>
> >> > port="80" minProcessors="5"
> >> maxProcessors="75"
> >> > enableLookups="true"
> >> redirectPort="8443"
> >> > acceptCount="10" debug="0"
> >> connectionTimeout="60000"/>
> >> > <!-- Note : To disable connection timeouts,
> set
> >> connectionTimeout value
> >> > to -1 -->
> >> >
> >> >we created an include file with one line
> >> ><meta http-equiv="refresh"
> >>
>
>content="1800;URL=/expresso/cal/SessionTimeout.do?state=timeout">
> >>
> >> >
> >> >content is the time (i.e. 30 minutes above)
> >> >Include this file in your jsp
> >> >
> >> >When the 30 minute inactive time is reached,
> then
> >> the session object on the server will also have
> >> invalidated.
> >> >
> >> >Simply make the above servlet accessible to
> anybody
> >> (ass the session details will be invalid) and
> call a
> >> generic timeout script on the server
> >> >
> >> >SessionTimeout.java
> >> >
> >> >public class SessionTimeoutCont extends
> >> DBControllerExt
> >> >
> >> >{
> >> > public SessionTimeoutCont()
> >> > {
> >> > super();
> >> >
> >> > State timeout = new State("timeout",
> "Process a
> >> timeout");
> >> > addState(timeout);
> >> > }
> >> >
> >> > public String getTitle()
> >> > {
> >> > return new String("Our Session Timeout
> >> Controller");
> >> > }
> >> >
> >> > protected void
> runTimeoutState(ControllerRequest
> >> request,
> >> > ControllerResponse response) throws
> >> ControllerException
> >> > {
> >> > /*
> >> > * in the request object add params
> >> > * errormsg
> >> > * formaction - i.e /cal/CcsExpress.do
> >> > * tostate - DONT add if you want to go to
> the
> >> main page by default
> >> > * error - simply include this if this is an
> >> error - else is success message
> >> > * i.e. repquest.setParameter("error",
> "true")
> >>
> >> > */
> >> > String myName=thisClass+"runTimeoutState()
> ";
> >> >
> >> > try
> >> > {
> >> > request.setParameter("formaction",
> >> DefaultParams.sHomeCont);
> >> > request.setParameter("tostate",
> "homePage");
> >> > request.setParameter("error", "true");
> >> > String sMsg = "<div align=\"center\">Your
> >> session has remained inactive for " +
> >> > DefaultParams.iSessionTimeout + "
> >> minutes<br>" +
> >> > "and you have been timed out.<br><br>" +
>
> >> > "Please login again to continue.</div>";
>
> >> > request.setParameter("errormsg", sMsg);
> >> > Transition outcome = new Transition();
> >> > outcome.addParam("state", "outcome");
> >> > outcome.addParam("controller",
> >> DefaultParams.sContPkg + "OutcomeCont");
> >> > outcome.transition(request,response);
> >> > }
> >> > catch (Exception dbe) {
> >> > throw new ControllerException(
> >> > myName+ "Session Timeout Controller
> >> exception: "
> >> > +dbe.getMessage());
> >> > }
> >> > }
> >> >}
> >> >
> >> >We simply have a jsp that displays the above
> >> message and creates the transition (Back to a
> home
> >> page to login again ??)
> >> >
> >> >Good luck
> >> >Eddie Lewis
> >> >
> >> >-----Original Message-----
> >> >From: Innovest Ken
>
=== message truncated ===
__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com
More information about the Opensource
mailing list