Now, here's a real problem (as opposed to my previous post ). I have implemented a mechanism in my application which automatically redirects the user to the login page if he/she is not logged in. This mechanism relies on the fact that I have to have the user's data in the session scope, so it basically ask the session for the User object and it this is null forwards the user to the login page. There are some portions of my application where I used AJAX, and this is where the problem appeared. Wherever I click a link which is supposed the give me the response via AJAX (in a certain div on my page) and the session expired I get the login page in that div - no need to tell you how that's a big no-no. Does anyone has any idea how I can solve this problem ?
You don't tell us what mechanism you're using to to redirect to the login page, but I suspect it may be in a base Action class that all your actions extend. If this is the case, one solution would be to make all your AJAX actions extend from a different superclass that does not have the mechanism to forward to the login page. If the action could be used for either AJAX or a normal form submission, you would have to send a parameter indicating whether the action is being called from AJAX or from a form submission.
I'm sorry, I omitted the description of the mechanism, but yes, I have a base action class that intercepts unauthorized access(hey, it must be a common pattern ). Of course I could make my Ajax action extend some other class but I only solved half the problem. I still want the user to be redirected to the "login" page when it clicks a link that's supposed to fetch the response via Ajax. I am using Ajax only for fetching data, no form submission.