*
The moose likes Struts and the fly likes Struts 1.2 : Make the  User Login and then redirect to details Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Struts 1.2 : Make the  User Login and then redirect to details" Watch "Struts 1.2 : Make the  User Login and then redirect to details" New topic
Author

Struts 1.2 : Make the User Login and then redirect to details

aditee sharma
Ranch Hand

Joined: Jul 22, 2008
Posts: 182
Hi,
Environment :Struts 1.2, JSP, weblogic 9.2.

The page navigation flow is as follows for the Order Track Application:
1) Login page : Enter user name/password.Upon success, show the main menu.
2) Main Menu: Choose "Track Order" from the drop down menu and show the Order Search Page.
3) Order Search: enter search parameters, click "Find".All the orders that match the search params are listed.Click on any single order.
4) Order Details page comes up.This page uses the "orderId" primary key that we get from the previous step.So, the url is like http://xyz/ordertrack/searchOrders.do?method=search&orderId=123

The requirement is to enable access from outside the application a.k.a "deep link".So, when the users access the above url and they are not already logged in, they are presented with the login page.However, upon successful login, the remaining navigational steps shall be skipped and they should land directly to the orderDetails page.

I am thinking of a solution like this:
1)Hold this orderId in session upon the very first access of the given url.
2)Modify the login code so that upon success it always checks whether the orderId is present in session or not.If it is there, then redirect to the orderDetails page with the stored orderId and clear the session order Id. If it is not there, then present the main menu (as before).

However, I'am thinking that this is spaghetti code and tomorrow if I need to "deep link" another URL, then the login code will be littered with if- then-elses.
Anybody has got a better, more elegant idea?
Thanks for your patience in reading this long post.

I am not using anything like Oblix/TAM or another Identity Manager Product in this application so doing a redirect using that is ruled out.
aditee sharma
Ranch Hand

Joined: Jul 22, 2008
Posts: 182
Actually, after lot of thinking I came to a conclusion that this is a matter of redirecting within the Action Class to a different ActionForward.
This has to be done without using send.redirect and it should also be able to send the request Parameters.
Any Body?
Tom Rispoli
Ranch Hand

Joined: Aug 29, 2008
Posts: 349
This is the solution that comes to my mind. Write a filter that will catch all .do requests. In the filter, check to see if the current user has already logged in. I'm assuming there is info in the session to determine this. If they have a session or are going to your login page then allow processing to continue normally. If they have not then change the action of the request to send the user to your log in screen and store the current URL in the request object. In your log in jsp retrieve the URL (if one exists)from the reqeust and store it in a hidden field on the jsp. If they log in successfully then redirect them to the URL stored in your hidden field. I'd do this by sending them back to the login screen and have javascript that runs on load that would send the URL in this situation, but I feel like there must be a more elegant way than that.

This idea should allow you to not have to change code if another scenario occurs where someone wants to do a deep link. This is just what I thought of off the top of my head so take it for what its worth. Let me know if I can clarify.
aditee sharma
Ranch Hand

Joined: Jul 22, 2008
Posts: 182

In your log in jsp retrieve the URL (if one exists)from the reqeust and store it in a hidden field on the jsp

Thanks. This was a good idea and at least all spaghetti code is now out of the central login module.
I applied a modified version of this idea and stored the URL in the session. Then upon getting to the target page, I clear this URL from the session.
Thanks a great deal again.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Struts 1.2 : Make the User Login and then redirect to details
 
Similar Threads
LDAP authentication + filter + redirect = mess
How do EJBs fit in with Struts/JSP ?
Session time out error
restricting access to a jsp
Is my javaBean a javaBean?