permaculture playing cards*
The moose likes Struts and the fly likes STRUTS - Remebering page access after login Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "STRUTS - Remebering page access after login" Watch "STRUTS - Remebering page access after login" New topic
Author

STRUTS - Remebering page access after login

Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15299
    
    6

I am working on a Web App and I don't know how to do something.
I am requiring that the user login to access certain aspects of the web app. So when the user clicks on a link, I check the session for the user and if it exists, all is fine, I can go on to the link. However, if the user does not exist I redirect to the login page.
What I need to do now is after they login, go to the page they were originially requesting. So how do I store that information in the session so that I know where I am supposed to foward to after the user logs in?
Thanks.


GenRocket - Experts at Building Test Data
Junilu Lacar
Bartender

Joined: Feb 26, 2001
Posts: 4442
    
    5

In our current project, we use form-based authentication to accomplish this functionality. In web.xml, you define the URLs that you want to secure, the login page URL (which can be a .do), and a login error page. The container handles the rest transparently and it works exactly as you described. That is, once you've got the proper settings in web.xml, any requests for a secured page will make the container check if there is an authenticated user for that session. If not, it remembers what the original URL requested was, then brings up the login page. Once a valid username/password is entered, the originally requested page is brought up.
There are some things you have to handle specifically in your application though such as when a password has expired and when a session times out.
You might also want to use SSL if the secure pages contain really sensitive data.


Junilu - [How to Ask Questions] [How to Answer Questions]
Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15299
    
    6

Junilu,
Thanks fot the response. Do you by any chance have a link to some documentation for the Web.xml file on setting up what you suggested?
Thanks.
Junilu Lacar
Bartender

Joined: Feb 26, 2001
Posts: 4442
    
    5

Gregg,
You can start here. Sorry I don't have any more links. I remember searching for "form-based authentication" a lot when we were trying to figure all this out.
Paul Woods
Greenhorn

Joined: Nov 15, 2002
Posts: 23
I actually have a similiar requirement, but only a few pages where it is a requirement for the user to be logged in.
When the action is called that directs to a sensitive spot, it checks for a login as yours does. If that check fails, it sets a session value describing a struts target - which forwards back to this action after the user has logged in.
After the login action verifies the user, it checks to see if this session target value is set. If so, it then forwards the user to that target value, as opposed to the standard page after a login.
HTH.
Paul
Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15299
    
    6

That sounds like a good approach Paul. Does anyone know what is the prefered method as far as Web App Specifications go?
Anonymous
Ranch Hand

Joined: Nov 22, 2008
Posts: 18944
Hi there !
Paul, how do you redirect/forward the user to the originally requested page ? Via response.sendRedirect or dynamically changing the �path� value for a struts-config.xml forward ? (is that possible?)
In fact , I�m using a ServletFilter to check if the user is properly logged. From there, I keep the requested URL in a session attribute and upon successful login , I�m sending the user back to the originally asked URL. It works fine , but I don�t like bypassing the controller via response object... I�d like a way of doing this under Struts...
Any idea ?
Tks
F�bio
Paul Woods
Greenhorn

Joined: Nov 15, 2002
Posts: 23
Originally posted by fabio gama:
Hi there !
Paul, how do you redirect/forward the user to the originally requested page ? Via response.sendRedirect or dynamically changing the �path� value for a struts-config.xml forward ? (is that possible?)

For my purposes mapping.findForward(target) has worked quite well. Any action that might make this call to LoginAction, I have defined as a forward in struts-config.xml, and that is the referenced target.
I am not sure about dynamically changing values in the struts-config.xml file. I've heard of it, but never done it myself.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: STRUTS - Remebering page access after login
 
Similar Threads
jsf jsp(netbean 6.5.1 woodstock session problem)
include files
User Session Management
Session Expire due to time out: Please Help
j_security_check 'next' page?