That worked perfectly. Thanks!
Mark
On [Jun 10], at 2:59 AM, Maurice Marrink wrote:
It should be fairly simple to show a message on the login page stating
the user will be redirected to whichever page they were trying to
visit.
It would be a lot more difficult i think to show a warning prior to
redirecting to the login paging. But as i understand it that is
fortunately not what you want :)
Swarm uses ISecurityChecks to solve authorization and authentication,
only a few checks should ever have to worry about redirecting to the
login page. The most prominent place this happens is during the
instantiation check in the ClassSecurityCheck By default this is used
on every page implementing ISecurePage interface. The interface is
customizable but it is also possible to override this per page.
So what you could do is extend ClassSecurityCheck to store the page in
the session you came from and then in the login page check for that
and display an appropriate message. There might be other ways but i am
not aware of them. :)
public class LoggingClasssecurityCheck extends ClassSecurityCheck
{
public boolean isActionAuthorized(WaspAction action)
{
if (getClazz() == getLoginPage())
return true;
if (isAuthenticated())
return getStrategy().isClassAuthorized(getClazz(),
action);
//not authenticated, log and redirect
((MySession)Session.get()).logRedirect(getClazz());
throw new
RestartResponseAtInterceptPageException(getLoginPage());
}
}
To use this check instead of the default just add a static final field
containing an instance of the check to your page. The entire class
hierarchy is searched so you could put it on your basepage to affect
every page. If multiple static final fields containing ISecurityChecks
are found in a class hierarchy all of them have to validate. Ofcourse
annotations would be much nicer for this but swarm is still using java
1.4.
Maurice
On Tue, Jun 10, 2008 at 12:08 AM, Mark Lichtenberg
<[EMAIL PROTECTED]> wrote:
Hi - We have a fairly straightforward app in which each page extends
SecureWebPage such that if a user attempts to directly land on a
mounted
page, they will be redirected to our login page (as supplied in our
Application.getLoginpage() method). After logging in, the user is
directed
to the originally requested page.
We have a requirement to alert a user that they will be redirected
on the
login page - but I can not find a way to detect this in our Login
page
class. I've tried getRequestCycle().isRedirect(), but this returns
false
whether the page is loaded directly or as an intercept page. Anyone
know how
I should approach this? Thanks.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
