-
1. Re: Redirect in a PageInterceptor renders the page in backgr
antoine_h Aug 9, 2007 7:10 AM (in response to staale)Not easy question...
I ll try an answer.
on the same way as you did :
- look at the chain of interceptor (interceptor stack), in the jmx service descriptor that define it
- look at the interceptor that are after the pageInterceptor, and customise "all that" so you can still invokeNext, but skip what you don't want
- keep the interceptor that are vital for the portal. may be rearrange them.
not sure it will work.
may be a lot to do, as you touch the core engine of the portal.
other way :
I would do it at the url/command level
when an url is requested, the portal decode it and build a command, that will be executed (ie call the proper page, call the portlet which is called by the url, etc...).
there, you may be able change the url state, so it is considered as a secured one.
or even build a new type of command, that will do what you want.
other way :
using a servlet filter ?
in front of the main serlvet(s) of the portal, change/rewrite the url so the portal see it as a secured one.
look at the portal-server war for that.
there are for servlet (two not secured, two secured).
should be the best way, as it does not touch the portal processing. just make it see what you want it to see.
hope this can help... -
2. Re: Redirect in a PageInterceptor renders the page in backgr
staale Aug 13, 2007 7:16 AM (in response to staale)"Antoine_h" wrote:
using a servlet filter ?
in front of the main serlvet(s) of the portal, change/rewrite the url so the portal see it as a secured one.
look at the portal-server war for that.
there are for servlet (two not secured, two secured).
should be the best way, as it does not touch the portal processing. just make it see what you want it to see.
hope this can help...
Thanks for the post. The last idea is probably the safest way. I was blinded by the fact that it was very easy use the properties in the XX-object.xml for each page.
I can rewrite the code to work in a tomcat valve. The hard part is that I have to read the XX-object.xml by myself - or make another configuration file to enable/disable secure mode for a page.
We have a rather large system - and adding even more custom properties in separate files is probably not what my customer want right now - so im guessing a custom parser just to pick out a page name and the secure property for it might be the solution.
Ill stop writing and go coding :)
Regards,
Ståle