Is the Engine method being called first? Is a StaleSessionException in
fact happening? I'm not sure you can rely on that exception happening
any time the session has timed out, for all possible sequences of user
actions.
Thoughts...
* You could make your StaleSession page not do the validation, not
derive it from your validating page class, if the problem is that the
StaleSession page is being invoked. Not sure about that.
* You could check directly whether the session has expired.
@InjectObject("infrastructure:request")
public abstract WebRequest getWebRequest();
WebSession session = getWebRequest().getSession(false);
if (session == null) {
log.debug("-- null session");
}
else if (session.isNew()) {
log.debug("-- session isNew");
}
* You could make validate() do something different if the user has *no*
permissions, or define a special permission that a new visit gets
initialized with before login.
* You could add a sessionDestroyed() event listener method that would
get called by your servlet container when the session times out, and set
some sort of ThreadLocal variable that your page could check.
[EMAIL PROTECTED] wrote:
> Sorry Bryan, you're correct - it IS in my BorderEngine.class : (public class
> BorderEngine extends BaseEngine).
>
> My application has 1 menu item, Login. Once you log-in, it's replaced with
> your real menu containing a dozen items.
>
> Basically when I time-out my session (anyone know a quicker way to test this
> then waiting 20 minutes?!), the next menu item I click on, the menu goes back
> to the single "Login" item, and I get the message "You don't have permission
> to do that."
>
> This is because the validate() method of the page I suppose. It's checking
> what permissions are stored in the Visit object, which is nothing when it's
> expired. So you have no permissions to view any pages.
>
> I've tried checking the methods in BasePage, but I see no way to determine if
> a session is expired (and skip the error checking). Perhaps this validate is
> somehow overriding the Engine, although you would think the Engine method is
> called first?
>
> I've attached my validate() code below.
>
> Thanks,
> Greg
>
> ////////////////
> // Validates the permission of the page.
> public void validate(IRequestCycle cycle)
> {
> if (requiredPermission != null)
> {
> AdminVisit theVisit = (AdminVisit) getVisit();
> if (!theVisit.hasPermission(requiredPermission))
> {
> IPage permDenied = cycle.getPage("PermissionDenied");
> PropertyUtils.write(permDenied, "permissionRequired",
> requiredPermission);
> throw new PageRedirectException(permDenied);
> }
> }
> super.validate(cycle);
> }
> //////////////////
>
>
> -----Original Message-----
> From: Bryan Lewis [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 14, 2006 8:49 AM
> To: Tapestry users
> Subject: Re: Expired Session message
>
>
> Hmm, I thought from your previous post that this method was in your
> custom Engine class. The handleStaleSessionException() method in the
> Engine is what gets called when the exception occurs. If this method is
> in a page or component it won't be called.
>
> Still, if you named your exception-reporting page "StaleSession", it
> should've been invoked by the built-in error reporter even if this new
> method wasn't being called.
>
> What do you mean by "doesn't work"?
>
>
>
> [EMAIL PROTECTED] wrote:
>
>> Okay, I've taken both suggestions. I've renamed my page to "StaleSession",
>> and altered my code slightly. It still doesn't seem to work.
>>
>> protected void handleStaleSessionException(IRequestCycle cycle,
>> StaleSessionException exception) throws IOException
>> {
>> cycle.activate("StaleSession");
>> renderResponse(cycle);
>> }
>>
>>
>> This is in my Border.java file.
>>
>>
>> However, all of my pages subclass an abstract class I've made for BasePage.
>> This overrides the validate() method of the page to check if the user has
>> permissions for that particular page. Could that be messing something up?
>> Should I put something in the validate() method? Is there some sort of
>> getExpired() function?
>>
>> Thanks,
>> Greg
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
