Login
Dashboard
Logout
Redirect to external url
Click on Browser back button
Showing Dashboard( Angular Guards not triggered, so isLogin check and redirection to Login page is not happened)
How to trigger Angular Guard,once page is opened from browser back button
Related
I know how to implement a spring security login form the "classical" way, but I'm having a hard time figuring out how to implement a login form that opens in a modal and always behaves "properly".
It is not as trivial as it sounds.
Here are my specifications:
when an unauthenticated user requests a protected page, a modal login form should appear; when the login is successful, the requested page should appear and the address bar should display the requested url as in a non-modal approach
when this is triggered from outside the site, the modal should open on the site home page
when this is triggered from inside the site, the modal should open on the current page
when a user clicks on a "login" button on the site header (from any unprotected page) a modal login form should appear without changing page; when the login is successful, the location should not change but the page should be reloaded in order to be updated (e.g. showing the user name in the header)
if the modal is closed before submission, the original page should not have changed
if there are login errors, they should appear in the modal without redrawing the whole page
if the login form is submitted after session expiration, the login process should handle expired CSRF tokens gracefully (but I might consider removing them altogether for the login form, where I don't think are needed anyway)
every ajax request on the site (that originates from a protected page), should handle login requests gracefully
brute-force attacks should be hampered by temporarily suspending a username after some failed attempts
Java-only Spring configuration (no XML) and JQuery
the logout link should not trigger an authorization error when the session is expired
I am using oauth to authenticate my iPhone-app's users. They click the login button and Safari opens to display the password entry page. Afterwards they are redirected using a custom url scheme, e.g. myapp://somethingsomething, which opens the application again (sending Safari into the background).
Can I close the browser tap during that redirect? Or directly afterwards via Javascript?
I ask because if my user imports a bording pass to his Passbook, Safari opens and logs my user in again, since the tab was still there.
Ok fixed by doing a setTimeout() call in JS before issuing the redirect. In the setTimeout() another redirect is executed: To a harmless page.
I've got a jquerymobile 1.4 application that has all the pages on the same html page (pages are broken into different divs).
What I'm looking for is an app-level initialiser event to subscribe to that allows me to do some logic checking (e.g. authentication status) and redirect them to a login page (say div#login) if necessary.
I've explored working with a popup, setting the login page to be dialog="true" and what I'm stuck with is how to redirect the user when the app first loads.
There's mobileinit and pagecontainercreate events. If I subscribe to the pagecontainercreate event then I can run a changePage function and that works, but then it transitions to the default page straight afterwards anyway.
As far as the ideal lifecycle:
mobile app finished loading -> show login dialog page -> init login page
What's happening now is:
pagecontainercreate -> show login dialog page -> close login dialog page and show home page automatically.
i am developing a struts project.
In login page action stored username and password in session.
In logout action class using session.invalid and removed that session details and redirected to index page.
But i click back button in browser it goes to the previous page.
Now i need sample code for if i am clicking back button after logging out it will show the error message or it display index page like yahoo mail.
need sample for that in struts2
As I know, very hard to do JS side. because back button belong to web browser. Our project do below way:
When logout, close currently window and open new window. that will help you clear history.
When running a mobile site in iOS full screen mode, using the "apple-mobile-web-app-capable" meta tag, I am using a combination of AJAX and synchronous page requests, including redirects, with success while the user is logged in.
However, when the user logs out and the session is destroyed, the iOS device leaves full screen mode and opens the login page in a Mobile Safari window.
Here is a common sequence of events:
User clicks button on Home Screen to launch mobile site in iOS full
screen mode
Server redirects user to login page for authentication (still in full screen)
User logs in, and is redirected back to mobile home (still in full screen)
User performs various actions, via GET and POST, some using AJAX and some not (still in full screen)
User hits logout button, which destroys session and redirects back to login page
Mobile Safari window opens to render login page this second time
I have tried 301, 302 and 303 redirects on logout success and nothing seems to change this behavior. It seems related to the user's session ending when running in full screen mode. I don't think this matters, but the security mechanism is implemented via Spring Security running on Tomcat.
Is there any way to prevent this behavior? I would prefer not to use a location.href client side redirect on logout.
You can cancel a links default behaviour by using jQuery's event delegation to assign a single, top-level event handler to all links on the page. When a click event is detected, we cancel the default behavior (which is to open in mobile Safari) and then manually change the window's location. This approach allows the page to be changed without breaking the iPhone standalone application experience.
http://www.bennadel.com/blog/2302-Preventing-Links-In-Standalone-iPhone-Applications-From-Opening-In-Mobile-Safari.htm
I was under the impression from running into this previously that any non-ajax/ javascript navigation would cause the app to jump into safari to serve the page