4 Replies Latest reply on Jul 6, 2007 12:51 PM by devesh_chanchlani

    Overwrite j_security_check redirect

    happyfrog

      Hello

      I can't find an anwer to this question so here goes: Is there some way I can force j_security_check to always redirect to a specific page? Eg. /index.jsp
      My problem is that if a session times out and the user clicks on a page, he is forwarded to the login page. After a successful login, he will be redirected back to the page he requested which might require some session variables to be present. The variables of course died with the session, so an error will occur.
      Instead I would like the user to be sent to the welcome page everytime he logs in, forcing him to go through the steps he initally had to go through before the session timed out.
      Is this possible without violating the servlet specs?

      Thanks in advance

        • 1. Re: Overwrite j_security_check redirect
          mrforms

          I ran into that problem myself a while ago. I was looking for a good way to do this. I came up with a not so pretty solution before we decided to use struts.

          What I did is I implemented an HttpSessionListener and on the sessionCreated event, I would use the requestDispatcher through the session and forward the response to another resource. I find this solution very bad.

          Once we migrated to struts, we simply extended the RequestProcessor class and would verify on every action that the user would have an 'initialized' state, if not, we would forward him to another action.

          Another solution would be to add a servlet filter that would verify the content of your session for your variables, if they are not present it would either add them, or do other processing.

          I would like to see better approach to this problem. If you have a solution, please post it.

          • 2. Re: Overwrite j_security_check redirect
            happyfrog

            I've been using the filter solution to check for a session variable so far but I'm not satisfied with it. The same goes for checking in every action, either solution seems inappropiate.

            But thank you for your suggestions anyway, I'll post it inhere if I come up with something ingenious - which is highly unlikely :)

            • 3. Re: Overwrite j_security_check redirect
              lost_traveller

              Thought I'd resurrect this post as I am having the same problem, it seems to be a common problem as I've found many people asking the same question. There must be a way within the spec to do it so that after logging in you always go to the homepage?

              Does anyone have any neat solutions?

              • 4. Re: Overwrite j_security_check redirect
                devesh_chanchlani

                Can refer to the below URL:

                http://java.sys-con.com/read/37660.htm