I already had a servlet filter doing some custom authentication and
handling redirects to a separate login service for expired sessions, so
I added a little extra code in there. First off, you can identify ajax
requests by the presence of an HttpServletRequest header called
"dojo-ajax-request" with a value of "true". If I see that header, I
write my own custom response instead of going down the filter chain.
Here's the method I use to build the response:
private void sendAjaxRedirect(HttpServletResponse httpResponse)
throws IOException {
PrintWriter writer = httpResponse.getWriter();
writer.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
writer.write("<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0
Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\" [\n<!ENTITY
nbsp ' '>\n]>\n");
writer.write("<ajax-response>");
writer.write("<response id=\"initializationscript\"
type=\"script\"><script>\n//<![CDATA[\n");
writer.write("window.location.href = '" +
params.getOriginalUrl() + "';\n");
writer.write("//]]>\n</script></response>");
writer.write("</ajax-response>");
}
replace "params.getOriginalUrl()" with the entry URL for your app.
This code generates a response that the tapestry/dojo wiring will
interpret by parsing the window.location.href javascript.
-Steve
Kelly Merrell wrote:
I'm having a problem with my authentication redirect when using Ajax
to update page components. I use PageRedirectException on each page to
redirect to a login page if the user is not logged in when the page
validates. This works as expected when hitting the page normally, but
if I am using an AjaxDirectLink after the login has expired, the
response is returned as the HTML of the login page and not "handled"
by AjaxDirectService so that it is wrapped in the xml tags and have
the "window.location.href" javascript redirect added. As the response
is not xml, it breaks on the client side and the page does not redirect.
I have seen a few other people bring up this issue, but I can't find
any evidence of a solution or work around. I would have thought that
this would be a common problem, but maybe I am just overlooking a
simple fix. Any help here would be greatly appreciated!
My pageValidate method is simply:
public void pageValidate(PageEvent event) {
if (!isLoggedIn()) {
Login loginPage = getRedirectPage();
throw new PageRedirectException(loginPage);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]