Christopher Schultz wrote: > Pid, > > Pid wrote: >> I have an app with a page which contains a flash object (displays a nice >> graph) that calls a groovy script periodically to get data. > >> If the user session times out in between requests for the script then >> when it's requested it's the first one after de-auth, so it becomes the >> target that is re-established after re-login, (obviously not useful for >> users). > > I have a part of my application served by Cocoon which calls-back the > "real" application to get XML data. What I've done is put the > XML-generating URLs into an unprotected space. These servlets (Struts > actions, actually) do their own (mild) checking to see if the user is > authenticated and authorized before returning the data. Otherwise, they > return appropriate XML-formatted data that says "no credentials". > > Here's where things would be different for you and me, because I use > securityfilter. I simply show a login page directly from Cocoon, make > the action="j_security_check" and set a special "forward_to" URL > parameter that tells securityfilter to redirect the user back to the > page they originally requested (tricky, eh?). > > In your case, you could redirect the user to some other page (like a > trampoline page), Tomcat would demand credentials in the meantime, and > then the trampoline would send the user back to your page with the flash > movie. > > Would that work for you?
It may indeed. It's worth a try anyway - thanks - as my attempts to inform Javascript/Flash of the session expiry time are producing unfortunately uneven results. p > -chris --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
