-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Chetan,
Chetan Pandey wrote:
> When my Session - currently set to 1 minute in web.xml - times-out clicking
> on any LINK automatically redirects me to the Login Page.
>
> On re-logging in, through the logs I am observing that it is not going to
> the LoggingAction Class but directly to the Link that was clicked.
Correct. The way that the built-in login mechanism works, a request for
a protected page is challenged with a login screen if there's no
existing login.
Upon successful login, the user goes directly to the target page -- not
through some special "login" code that you want.
Before switching to securityfilter for my authentication and
authorization, I write a Filter that did this for me. The code was
basically this:
if(request.getPrincipal() != null)
{
if(null == session || session.getAttribute(MY_USER_BEAN))
{
// do login-type stuff
}
}
chain.doFilter(request, response);
That's all it takes. Now, whenever anyone logs in, they automatically
get this code run so you can set up your sessions.
I still haven't changed this after my move to securityfilter, and it
works very well.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFU69z9CaO5/Lv0PARAl2TAKCOeOMEv5iIpNiWP7514izkNVUdGwCfQtHO
g3hcbpQPq24GNncmxBoBTb4=
=+GJ8
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
