12 Replies Latest reply on Apr 6, 2009 2:08 AM by qqq qqq

    request parameter and forced login

    Sascha Janz Master
      i restricted the pages of my app with login-required = true. so if not logged in the user is redirected to the login page.

      but i want to call one page with a request parameter. if the user is not logged in, he should be forced to login, and the redirected to the page with the requestparameter. but after the login the request parameter isn't there any more.

      the request parameter is implemented in my session bean with the @request annotation.

      what could i do to maintain the request parameter?
        • 1. Re: request parameter and forced login
          Sascha Janz Master

          can someone help please. i still got this problem.

          • 2. Re: request parameter and forced login
            Sascha Janz Master
            may be my question wasn't clear enough...second try

            i got a link e.g. http://localhost:8080/myapp/home.seam?id=42 

            where i got
            @RequestParameter
            id

            in my session bean. the pages are restricted to force login. so when the clicks the link above he is redirected to http://localhost:8080/myapp/login.seam

            but the "id" in the SessionBean is not set. it is lost.

            what can i do?
            • 3. Re: request parameter and forced login
              Jose M. Lara Newbie

              can you include your pages.xml? first 20 lines is ok

              • 4. Re: request parameter and forced login
                Sascha Janz Master
                <?xml version="1.0" encoding="UTF-8"?>
                <pages xmlns="http://jboss.com/products/seam/pages"
                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                       xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.0.xsd"

                       no-conversation-view-id="/login.xhtml"
                       login-view-id="/login.xhtml">

                    <page view-id="*">
                        <navigation>
                            <rule if-outcome="home">
                                <redirect view-id="/home.xhtml"/>
                            </rule>
                        </navigation>
                    </page>
                    <page view-id="/home.xhtml" login-required="true" />

                    <exception class="org.jboss.seam.framework.EntityNotFoundException">
                        <redirect view-id="/error.xhtml">
                            <message>Not found</message>
                        </redirect>
                    </exception>
                   
                    <exception class="javax.persistence.EntityNotFoundException">
                        <redirect view-id="/error.xhtml">
                            <message>Not found</message>
                        </redirect>
                    </exception>
                   
                    <exception class="javax.persistence.OptimisticLockException">
                        <end-conversation/>
                        <redirect view-id="/error.xhtml">
                            <message>Another user changed the same data, please try again</message>
                        </redirect>
                    </exception>
                   
                    <exception class="org.jboss.seam.security.AuthorizationException">
                        <redirect view-id="/error.xhtml">
                            <message>You don't have permission to do this</message>
                        </redirect>
                    </exception>
                   
                    <exception class="org.jboss.seam.security.NotLoggedInException">
                        <redirect view-id="/login.xhtml">
                            <message>Please log in first</message>
                        </redirect>
                    </exception>
                   
                    <exception class="javax.faces.application.ViewExpiredException">
                        <redirect view-id="/error.xhtml">
                            <message>Your session has timed out, please try again</message>
                        </redirect>
                    </exception>
                    
                    <exception>
                        <redirect view-id="/error.xhtml">
                            <message>Unexpected error, please try again</message>
                        </redirect>
                    </exception>
                   
                </pages>
                • 5. Re: request parameter and forced login
                  Jose M. Lara Newbie



                  login-view-id="/login.xhtml">




                  This is the key. When you call http://localhost:8080/myapp/home.seam?id=42 and there is no logged user, Seam just redirects you to your login-view-id. This comprobation is efectuated before the parameter id is assignated to your Session Bean.


                  I would try:



                  login-view-id="/login.xhtml?id=#{bean.methodThanReturnsId}">



                  i don't know if you can use EL in that line, Just try and tell me if it works


                  sorry for my english

                  • 6. Re: request parameter and forced login
                    Sascha Janz Master
                    thank you. but didn't work

                    i even tried        login-view-id="/login.xhtml?id=1233"

                    with no success
                    • 7. Re: request parameter and forced login
                      Jose M. Lara Newbie

                      why do you need to send the id between pages?

                      • 8. Re: request parameter and forced login
                        Sascha Janz Master
                        if the page http://localhost:8080/myapp/home.seam?id=42  is called,  my app searches for data with id 42 and renders it in home.seam.

                        so the user got this link e.g. per mail. after a direct click he is redirected to login and after login the user should see home.seam with data from id =42
                        • 9. Re: request parameter and forced login
                          Jose M. Lara Newbie

                          Well, the I would use a Filter to manage this feature, just catch the id in the Filter and save in the bean.

                          • 10. Re: request parameter and forced login
                            Ingo Jobling Master

                            Try adding a <param>, see section 6.3 of Seam ref.


                                 <page view-id="/extranet/home.xhtml">
                                      <param name="stakeholderId" value="#{stakeholderHome.stakeholderId}"/> 
                                 </page>
                            


                            • 11. Re: request parameter and forced login
                              Sascha Janz Master

                              thank you. that solved it!! now i got what i want.

                              • 12. Re: request parameter and forced login
                                qqq qqq Newbie

                                It is not necessary to store request parameter to bean property explicitly.


                                It's enough:



                                <page view-id="/extranet/home.xhtml" login-required="true">
                                        <param name="stakeholderId"/> 
                                </page>
                                




                                stakeholderHome action:


                                @RequestParameter
                                private Long stakeholderId;