5 Replies Latest reply on Jul 6, 2009 9:05 PM by Michael Angelo

    Redirect to an URI during authentication?

    Alex Savitsky Novice
      Ok, here's a use case, that I thought at first to be easy to implement, but that is apparently giving me problems.

      I have a user database, where some users are marked as 'legacy' - these do require a screen presented to them upon successful login, where they are asked to pick a new username/password, and are not considered to be logged in until they do so. Now, they still have to pass regular authentication (#{authenticator.authenticate}), but somehow in this method, I have to redirect them to, say, 'migrate.seam' instead of 'index.seam' (where all non-legacy users would land upon successful login). What would be the way to accomplish that?

      So far, I've looked into events - but they don't have means of returning an outcome, or to redirect to an arbitrary URI; I've also looked at throwing an exception during authentication, and using an exception tag in pages.xml to catch it - but the thrown exception is wrapped in an instance of LoginException, and I don't think it's such a good idea to catch that in pages.xml

      Any help will be appreciated,

      Alex
        • 1. Re: Redirect to an URI during authentication?
          Stuart Douglas Master

          Have you tried something like:


          <navigation from-action="#{identity.login}">
                    <rule if="#{currentUser.legacyUser and identity.loggedIn}">
                         <redirect view-id="/changePassword.xhtml"></redirect>
                    </rule>
                          <rule if="#{identity.loggedIn}">
                         <redirect view-id="/index.xhtml"></redirect>
                    </rule>
          </navigation>
          
          

          • 2. Re: Redirect to an URI during authentication?
            Alex Savitsky Novice

            Thanks for the suggestion, but apparently, it doesn't work. I probably should've mentioned that I also have standard post-login redirection in place:


                 <event type="org.jboss.seam.security.notLoggedIn"><action execute="#{redirect.captureCurrentView}" /></event>
                 <event type="org.jboss.seam.security.postAuthenticate"><action execute="#{redirect.returnToCapturedView}" /></event>
            



            and it seem to conflict with the navigation rules in pages.xml, as no matter whether the outjected currentUser is legacy or not, I'm always being redirected to the view that was requested prior to login, and never to changePassword.xhtml.


            I'll continue to tinker more with this, though, as it does show potential to solve my problem.


            Thanks,


            Alex


            • 3. Re: Redirect to an URI during authentication?
              Stuart Douglas Master

              Create your own redirect component with your special case logic inside. Just copy and paste from the seam one and then in returnToCapturedView check if they are a legacy user and redirect them appropriatly.

              • 4. Re: Redirect to an URI during authentication?
                Alex Savitsky Novice

                Thanks, this actually worked pretty well, I didn't even have to copy the whole component - subclassing and overriding was enough:



                @Name("org.jboss.seam.faces.redirect")
                @BypassInterceptors
                @Scope(ScopeType.CONVERSATION)
                @Install(classDependencies = "javax.faces.context.FacesContext", precedence = Install.FRAMEWORK)
                @PerNestedConversation
                public class MigrationRedirect extends Redirect {
                     @Override
                     public boolean returnToCapturedView() {
                          User currentUser = (User) Contexts
                                    .lookupInStatefulContexts("currentUser");
                          if (currentUser != null && currentUser.isLegacyUser()) {
                               FacesManager.instance().redirect("/pages/changePassword.xhtml");
                               return true;
                          }
                          return super.returnToCapturedView();
                     }
                }
                



                Too bad the @In wouldn't work, because of @BypassInterceptors - but I decided to leave it be, as it's probably there for a reason.


                Just thought I'd share it back with the community.


                Again, my thanks,


                Alex

                • 5. Re: Redirect to an URI during authentication?
                  Michael Angelo Newbie

                  I can't think you guys enough! I have been battling this issue for weeks!!!


                  THANKS A MILLION! WORKS PERFECTLY!!