2 months ago i had the same problems like you. to study the vlib
application from howard lewis ship helped me a lot, because there is
also a basic(but very good) mechanism for user login / logout control.
here the mechanism in a nutshell:
all pages in your application extends one abstract page, i would call it
YourBasePage.
the YourBasePage implements PageValidateListener. in public void
pageValidate(PageEvent event) you do the check if login is needed on
current page (this info can be put into meta tag). if login is needed a
Service called SecurityValidator is injected ....
the SecurityValidator checks first @InjectStateFlag("visit"), if false
-> throw PageRedirectException, if true @InjectState("visit") -> doing
some business logic with your visit-user object ... some-criterias could
be visit != null && visit.name != null && visit.password != null ... if
there is a criteria which doesn't match the current state of user ->
throw PageRedirectException
for your first steps you can do the checks (which are here explained
doing in the SecurityValidator) inline in YourBasePage.
nobody22 wrote:
> thanks a lot!
> the problem is the Visit object.
>
> Do you think is it possible solve problem set Visit Object to null?
>
> Or, how can i redirect on session time out th application on login page?
>
> Thnaks in advance
>
>
>
> eckobar wrote:
>> in the example
>> http://svn.apache.org/viewvc/tapestry/tapestry4/tags/4.1.1/tapestry-examples/Vlib/src/java/org/apache/tapestry/vlib/VlibPage.java?revision=488094&view=markup
>> you could see, that everytime before a state is injected with
>> @InjectState("visit") the @InjectStateFlag("visit") method is called to
>> ensure that state-object is present or not.
>>
>> hope i could help!
>>
>> diego galdi wrote:
>>> Hi,
>>> I hava a problem with session time out.
>>> I have a login page with username and password.
>>> On submit I invoke a methos that takes care of authentication.
>>> If I use invalid username or password, first time I'm redirect to my
>>> login page,
>>> and this is what I want, but second time I input wrong username or
>>> password, I don't see login page but tapestry error page with message
>>> 'Your session has timed out'.
>>> This is my code:
>>>
>>>
>>> 1) Home.html
>>>
>>> <form jwcid="loginForm"> <form jwcid="loginForm">
>>>
>>> <form jwcid="loginForm"> <form jwcid="loginForm">
>>>
>>> <input type="text" jwcid="@TextField" value="ognl:userName"/>
>>>
>>> <input type="password" jwcid="@TextField" value="ognl:password"
>>> hidden="ognl:true" /><input type="password" jwcid="@TextField"
>>> value="ognl:password" hidden="ognl:true" />
>>>
>>> </form></form>
>>>
>>>
>>>
>>> 2) Home.page
>>>
>>> <page-specification class="myPackage.Login">
>>>
>>> <property-specification name="message" type="java.lang.String"/>
>>>
>>> <property-specification name="userName" type="java.lang.String"/>
>>>
>>> <property-specification name="password" type="java.lang.String"/>
>>>
>>> <component id="loginForm" type="Form">
>>>
>>> <binding name="listener" expression="listeners.onFormSubmit" />
>>>
>>> </component>
>>>
>>> </page-specification>
>>>
>>>
>>>
>>> 3) Login.java (extends extends BasePage implements PageRenderListener)
>>>
>>> public void pageBeginRender(PageEvent arg0) {
>>> daoManager = PersistenceUtils.getInstance();
>>> }
>>>
>>> public void onFormSubmit(IRequestCycle cycle) { void
>>> onFormSubmit(IRequestCycle cycle) {
>>>
>>> tr{
>>>
>>> MyVisit visit = (MyVisit) getVisit();
>>>
>>> ...
>>>
>>> // Verify username and password and redirect to my Welcome Page
>>>
>>> } catch(Exception) {
>>>
>>> throw new PageRedirectException("Home");
>>>
>>> }
>>> }
>>>
>>> I notice that second time I submit form my pageBeginRender is not called.
>>>
>>> Any ideas?
>>>
>>> Thanks a lot in advance
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
