This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Spring and the fly likes please help me spring mvc Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "please help me spring mvc " Watch "please help me spring mvc " New topic
Author

please help me spring mvc

sal sathya
Greenhorn

Joined: Jul 28, 2010
Posts: 11
hi there,
i an application http://localhost:8080/HelloWorld
we are using a login based on jspring security checking and a applicationcontex-security.xml file where a set of roles where defined in database(logedin table).A set of roles is defined to access the urls,
first question
can i dinamicaly change the roles with out restart the server(glassfish 3).
second question
only roles like hasAcess{'ROLE_ADMIN','ROLE_USER`'} can i change the ROLE_ADMIN to 1 ,2 ,3 etc
other that words(ROLE_ADMIN etc....)
third question
there a login status table means which all persons are loged in properly there status will be set to 'Y',and we are validating that is that flag is set to y then block that user saying that "you are already LOGED in",
but tha problem is if the user didn't logout properly or IF HE CLOSED THE BROWSER then that flag will not reset to N ,so he can't logged in.
how can i get rid of it,
and how the session management is propery done by spring,
we are using ldap to store password and there uses SSO
there session time out between these two

please give me good solution or good sample blogs

please help

thanks in advance
ntumba lobo
Ranch Hand

Joined: Oct 21, 2008
Posts: 180
when a user logs in to your application most probably an HTTP session is created for the user.
if the user just closes the browser without logging out, after some time ( 30min) his session will be destroyed.
with an HTTPSessionListener you execute some logic when the session dies like setting your flag to N in your DB.

Alternatively when the user closes down the browser I am pretty sure you can capture this event in javascript and send a request to your server to log out the user automatically.


SCJP 5 , SCWCD 5, SCEA 5
sal sathya
Greenhorn

Joined: Jul 28, 2010
Posts: 11
thanks for reply,
if the user click the 'X' in mozilla or ie logout.htm(spring) action has to call.
i user the script webpage
but the problem is when the user refresh the same will also occur,

another problem is http://localhost:8080/ABC/login.htm------first page this action is written at redirect.jsp page and it will go to j_spring_security_check,and redirect to indexsys.htm
http://localhost:8080/ABC/indexsys.htm
after a while if the user type "http://localhost:8080/ABC" he will get the login page but there is a user status storing informing that the user has logged in in login table,so that flag is not reset to 'N' ,the user can't login again, if the user logged in his session is also storing at that table
so ,when he type http://localhost:8080/ABC he has to go to indexsys.htm why its not happening,
thanks for reply

ntumba lobo
Ranch Hand

Joined: Oct 21, 2008
Posts: 180
So you're saying that when the user clicks the "X" you call server side your spring action logout.htm which I presume invalidates at some point the HTTP session. Also you can change the flag in your DB.
Is that correct ?
If that's the case I dont understand what you mean by
the problem is when the user refresh the same will also occur

How the user can refresh a window that has been closed already ?

As for why your logged in user is not redirected to your index page, it's hard to tell, Im no expert in acegi
sal sathya
Greenhorn

Joined: Jul 28, 2010
Posts: 11
hi thanks for reply,
as per the sample @
webpage
when the user close its working,but if he refresh the site on some time the same will happen.

thenks for the reply for Acegi, security but we are using spring mvc 3 ,do you have any experinece with spring mvc security


thanks for quick reply
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: please help me spring mvc
 
Similar Threads
how to forcefully log out in admin module?
how to forcefully log out in admin module?
Spring security autorisation
How to ristrict multiple login's at the same time using same username?
How to get session object by giving Session Id to kill another session in Websphere