1 2 Previous Next 23 Replies Latest reply on Feb 23, 2007 8:11 PM by gavin.king

    how to redirecto back to intented page after login

    gsegura

      When the user tries to access a protected page, I want to redirect to the login page if he hasn't logged in yet.
      And then, after successful login, redirect back to that given page.

      Is there a setting to achieve this? Otherwise, is the best solution to implement a javax.servlet.Filter ?

      regards,
      Gerardo

        • 1. Re: how to redirecto back to intented page after login
          dilator

          I believe this is not currently available

          +1 :)

          • 2. Re: how to redirecto back to intented page after login

            acegi supports this feature, and I found it to be very useful. Would also like to see it as part of Seam security

            +1

            • 3. Re: how to redirecto back to intented page after login
              twocoasttb

              This would be extremely useful to us as well. Right now I am embedding our logon form in our main template and display it (and the page content) conditionally. The net result is that the user gets the requested page upon successful login, but can't reload the page without getting "Are you sure you want to resend the form?" because there's no redirect.

              • 4. Re: how to redirecto back to intented page after login
                gavin.king

                Guys, its right there in the 1.1.6 release announcement!

                http://blog.hibernate.org/cgi-bin/blosxom.cgi/2007/02/08#seam-116

                If you generate an application using seam-gen, this feature is built-in.

                • 5. Re: how to redirecto back to intented page after login
                  shane.bryzak

                  Look at components.xml in the seamspace example. Here's the relevant bits:

                   <event type="org.jboss.seam.notLoggedIn">
                   <action expression="#{redirect.captureCurrentView}"/>
                   </event>
                  
                   <event type="org.jboss.seam.postAuthenticate">
                   <action expression="#{redirect.returnToCapturedView}"/>
                   </event>
                  


                  This feature is also covered in the Seam documentation, in section 12.2.6 (the security chapter).

                  • 6. Re: how to redirecto back to intented page after login
                    saeediqbal1

                    Good Job @Jboss Team! . Keep up the good work, keep the good stuff coming and let us test it for you :)

                    • 7. Re: how to redirecto back to intented page after login
                      spambob

                      Sorry to hijack this because my problem isn't related to the security stuff but more to redirect.captureCurrentView & redirect.returnToCapturedView.

                      What I'm really missing is the possiblity to start a new pageflow within an existing one and to return upon the end of the inner one to the page where one has left the outer / started the inner pageflow.

                      I.e. one has a "Buy product" pageflow which includes a "Register new account" pageflow if a user doesn't have an account.
                      AFAIK - please correct me if I'm wrong on this - this is currently only possible with some individual hacks / extensions although this is a pretty common usecase so it would be _very_ nice to have something like this "out of the box".

                      So my question is: could you _please_ extend this redirect.captureCurrentView & redirect.returnToCapturedView to work with pageflows ?

                      If I - again - fail to see the forest because of all the trees I would greatly appreciate an hint in which example such stuff can be found.

                      Thanks a bunch :)

                      PS: Also thanks a lot for the security framework, this is just great !

                      • 8. Re: how to redirecto back to intented page after login
                        saeediqbal1

                        spambob: did you try the to see if it actually does what you want ? redirection to the middle of a transaction?

                        • 9. Re: how to redirecto back to intented page after login
                          spambob

                          I'm not sure if I understood you right (may be my english ;)).

                          I don't consider a pageflow a transaction but more something like a workflow / unit of work - therefore stuff is probably only saved at the end of the pageflow when all necessary input is entered (at least this is how I used it most times).

                          What I would like to have is just that Seam memorizes the state / viewid from where I start my inner pageflow and then returns upon the end to this viewid with its associated state _and_ the new / additional information defined in the inner pageflow.

                          I hope its clearer now ;)

                          • 10. Re: how to redirecto back to intented page after login
                            spambob

                            ^ Reading the above again I wrote I down wrong: actually I consider a pageflow a transaction (with a manual flush mode so stuff is saved at the end of the pageflow / transaction).

                            What I mean is that I would expect to get the transaction from the inner pageflow "merged" into the transaction of the outer pageflow (although it could succeed independently from the outer one if needed / wished).

                            I.e. - to stick with my example from above - the "Buy product" may fail but the "Register user" can still succeed (and get committed).

                            • 11. Re: how to redirecto back to intented page after login
                              twocoasttb

                              Gavin, thanks for pointing that out. I'm obviously missing something in my configuration because it's not working. I have the following (deployed to 4.0.5.GA)

                              components.xml

                              <security:identity authenticate-method="#{authenticator.authenticate}"/>
                              
                               <drools:rule-base name="securityRules">
                               <drools:rule-files>
                               <value>/META-INF/security-rules.drl</value>
                               </drools:rule-files>
                               </drools:rule-base>
                              
                               <event type="org.jboss.seam.notLoggedIn">
                               <action expression="#{redirect.captureCurrentView}"/>
                               </event>
                              
                               <event type="org.jboss.seam.postAuthenticate">
                               <action expression="#{redirect.returnToCapturedView}"/>
                               </event>


                              pages.xml

                              <pages no-conversation-view-id="/organizations.xhtml">
                              
                               <page view-id="/organizations.xhtml">
                               <restrict>#{identity.loggedIn}</restrict>
                               </page>
                              
                               <exception class="org.jboss.seam.security.NotLoggedInException">
                               <end-conversation/>
                               <redirect view-id="/login.xhtml">
                               <message>Please login</message>
                               </redirect>
                               </exception>
                              
                               <exception class="org.jboss.seam.security.AuthorizationException">
                               <end-conversation/>
                               <redirect view-id="/security_error.xhtml">
                               <message>You do not have permission to do this</message>
                               </redirect>
                               </exception>
                              
                              </pages>


                              I added some debug statements to Redirect.java and see that captureCurrentView() does indeed capture the view. But when returnToCapturedView() is called after logging in, viewId is null. It appears that the "redirect" component has gone out of scope. Section 12.2.6 of the docs state:

                              It is important to note that login redirection is implemented as a conversation-scoped mechanism, meaning that for this feature to work, conversation propagation must be enabled until the user is successfully logged in.

                              Isn't conversation propagation enabled by default? I don't see anything in the seamspace configuration that changes anything related to converation propagation.

                              Any suggestions?

                              • 12. Re: how to redirecto back to intented page after login
                                gavin.king

                                 

                                What I'm really missing is the possiblity to start a new pageflow within an existing one and to return upon the end of the inner one to the page where one has left the outer / started the inner pageflow.


                                If I'm understanding you correctly, you are asking for a nested pageflow type functionality which is possible by having a nested conversation for the nested pageflow. Take a look at the numberguess example which does this.

                                • 13. Re: how to redirecto back to intented page after login
                                  gavin.king

                                   

                                  I'm obviously missing something in my configuration because it's not working.


                                  Actually you have something extra. Get rid of <end-conversation/> in the handler.

                                  • 14. Re: how to redirecto back to intented page after login
                                    twocoasttb

                                    Bingo. Thanks, Gavin. pages.xml in seamspace (CVS) uses the <end-conversation/> tag in the handlers. Should those be taken out?

                                    1 2 Previous Next