This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
We have been developing an application using Struts 2.0. Acegi have been used for authentication. When user clicks Login button he is redirected to acegi filter set in web.xml file. applicationContext-acegi.xml file is where userid and passwords are kept. To provide logout functionality user is redirected to acegi logout filter which kills the user session.
Now the issue we have been facing is, once user is authenticated and redirected to inside the application, he should not see login page until logout. If user types login page url in the same browser even if he is been authenticated, login page appears and again asks for credentials. This leads to stale sessions in the memory because most of the users don't just logout but open a new browser window everytime.
How can I implement functionality where once user is authenticated wouldn't be asked for credentials until logout by himself or session expires.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com