Win a copy of Pro Spring MVC with WebFlux: Web Development in Spring Framework 5 and Spring Boot 2 this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Jeanne Boyarsky
  • Liutauras Vilda
Sheriffs:
  • Rob Spoor
  • Bear Bibeault
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Piet Souris
Bartenders:
  • Frits Walraven
  • Himai Minh

STRUTS - Remebering page access after login

 
Ranch Hand
Posts: 15304
6
Mac OS X IntelliJ IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am working on a Web App and I don't know how to do something.
I am requiring that the user login to access certain aspects of the web app. So when the user clicks on a link, I check the session for the user and if it exists, all is fine, I can go on to the link. However, if the user does not exist I redirect to the login page.
What I need to do now is after they login, go to the page they were originially requesting. So how do I store that information in the session so that I know where I am supposed to foward to after the user logs in?
Thanks.
 
Sheriff
Posts: 16240
271
Mac Android IntelliJ IDE Eclipse IDE Spring Debian Java Ubuntu Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In our current project, we use form-based authentication to accomplish this functionality. In web.xml, you define the URLs that you want to secure, the login page URL (which can be a .do), and a login error page. The container handles the rest transparently and it works exactly as you described. That is, once you've got the proper settings in web.xml, any requests for a secured page will make the container check if there is an authenticated user for that session. If not, it remembers what the original URL requested was, then brings up the login page. Once a valid username/password is entered, the originally requested page is brought up.
There are some things you have to handle specifically in your application though such as when a password has expired and when a session times out.
You might also want to use SSL if the secure pages contain really sensitive data.
 
Gregg Bolinger
Ranch Hand
Posts: 15304
6
Mac OS X IntelliJ IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Junilu,
Thanks fot the response. Do you by any chance have a link to some documentation for the Web.xml file on setting up what you suggested?
Thanks.
 
Junilu Lacar
Sheriff
Posts: 16240
271
Mac Android IntelliJ IDE Eclipse IDE Spring Debian Java Ubuntu Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Gregg,
You can start here. Sorry I don't have any more links. I remember searching for "form-based authentication" a lot when we were trying to figure all this out.
 
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I actually have a similiar requirement, but only a few pages where it is a requirement for the user to be logged in.
When the action is called that directs to a sensitive spot, it checks for a login as yours does. If that check fails, it sets a session value describing a struts target - which forwards back to this action after the user has logged in.
After the login action verifies the user, it checks to see if this session target value is set. If so, it then forwards the user to that target value, as opposed to the standard page after a login.
HTH.
Paul
 
Gregg Bolinger
Ranch Hand
Posts: 15304
6
Mac OS X IntelliJ IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That sounds like a good approach Paul. Does anyone know what is the prefered method as far as Web App Specifications go?
 
Ranch Hand
Posts: 18944
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi there !
Paul, how do you redirect/forward the user to the originally requested page ? Via response.sendRedirect or dynamically changing the �path� value for a struts-config.xml forward ? (is that possible?)
In fact , I�m using a ServletFilter to check if the user is properly logged. From there, I keep the requested URL in a session attribute and upon successful login , I�m sending the user back to the originally asked URL. It works fine , but I don�t like bypassing the controller via response object... I�d like a way of doing this under Struts...
Any idea ?
Tks
F�bio
 
Paul Woods
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by fabio gama:
Hi there !
Paul, how do you redirect/forward the user to the originally requested page ? Via response.sendRedirect or dynamically changing the �path� value for a struts-config.xml forward ? (is that possible?)


For my purposes mapping.findForward(target) has worked quite well. Any action that might make this call to LoginAction, I have defined as a forward in struts-config.xml, and that is the referenced target.
I am not sure about dynamically changing values in the struts-config.xml file. I've heard of it, but never done it myself.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic