JSF2 redirect issue - jsf-2

I have login page and dashboard page.
As soon as login process done dashboard page (using navigation rule) will be displayed.
<navigation-rule>
<from-view-id>/login.xhtml</from-view-id>
<navigation-case>
<from-outcome>dashboard</from-outcome>
<to-view-id>/viewp/dashboard.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
I have filter mapping for all requests.
Here is my scenario, There is client side poller on my dashboard page. When server restarts, poller sends request which will be interpreted by Filter.
Inside Filter I have logic like
If(url.contains("login.xhtml))
{
//dofilter
}else
{
// redirect to login.
}
but somehow this is not redirecting.
One observation I have is, after login even though I am on dashboard page, my URL still is like mydomain/login.xhtml. I think because URL in browser is mydomain/login.xhtml, response.redirect("mydomain/login.xhtml") is not working. Any suggestions?
Thank you,

The poller is executed by JavaScript/Ajax, right? Well, you've got to check in JavaScript/Ajax if the server returned a 302 instead of 200 and handle accordingly. The browser itself doesn't do that automatically for returned JavaScript/Ajax responses, but only for responses on synchronous requests.
You can use window.location in JavaScript to perform a "redirect". E.g.
if (ajaxResponseStatus == 302) {
window.location = newURL;
}

Related

How to handle session expire in partially loaded divs in mvc

I have 2 divs on a page, based on the click id on left i load the content in the right div.
But when session expires, i am expecting the page to redirect to Login, but it does not behave tht way.
some times the button wont work or some times the login screen loads in the right div.
Any suggestions to handle this session expire?
By default, the IIS simply returns the login-page with an HTTP status code 200 when the session is expired. This makes your ajax not see it as an error.
So you need to do a check in your controller action to see whether the Session has expired, and if it has, you can return an HttpStatusCodeResult(HttpStatusCode.Unauthorized).
After that, in your ajax, you can use somthing like this:
$.ajax({
//...
error: function(data, textStatus, xhr) {
if(xhr.status == "401"){ window.location.href = "/login";
}
}

How to Cancel/Remove Redirecting the Client with Server side swift in perfect framework

In My Serverside swift demo, I have Redirecting to the Client. It's moved permenantly. How can I cancel redirection. I have used below code to redirect request.
response.status = .movedPermanently
response.setHeader(.location, value: "http://www.perfect.org/")
response.completed()
Right now i am not able to cancel or not call another function.
Is there any way to remove redirect request?
the PerfectTemplate project: https://github.com/PerfectlySoft/PerfectTemplate.git has already demonstrated your case:
https://github.com/PerfectlySoft/PerfectTemplate/blob/master/Sources/main.swift#L73
"routes":[
["method":"get", "uri":"/**",
"handler":PerfectHTTPServer.HTTPHandler.redirect,
"base":"http://localhost:\(port1)"]
]
which means that all requests upon the the current server will be forwarded to the base url.

Grails logout button not working

I am using the following code in my logout button :
<a id="login-control-logout" href="${createLink(controller:'LicGenerator', action:'logout')}"><i class="icon-off"></i> Logout</a></li>
Inside my controller, I am using the following code :
def logout() {
request.getSession().invalidate()
response.setHeader("Cache-Control","no-cache,no-store,must-revalidate")
response.setHeader("Pragma","no-cache")
response.setDateHeader("Expires", 0)
redirect(uri:'/login.html')
}
It goes to login.html, but when I enter the username and password again, it doesn't log me back in and throws an error
type Status report
message /LicGenerator/j_security_check
description The requested resource (/LicGenerator/j_security_check) is not available.
When I refresh the browser, I got this error :
type Status report
message Invalid direct reference to form login page
description The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).
Also, the back button takes me to page even though I added cache control to response.
Simply invalidating your session for spring security is probably not advisable. As there is a SecuritySession which also has cookies. It may be better to use whats provided by spring security already.
import grails.plugin.springsecurity.SpringSecurityUtils
redirect uri: SpringSecurityUtils.securityConfig.logout.filterProcessesUrl
Then you can configure your default login url via the config options for the spring security plugin

jQuery Mobile Site using an ajax $.get() to check username availability returning previous page code in return data

I have a simple JQM site I'm working on. I'm trying to validate the availability of a username on the fly in a form. I'm using jquery $.get() ajax to return "success" or "fail" however the return data is being replace with the code of the previous page.
$(document).on('pageinit', function () {
// check to see if username is available
$("#username").change(function() {
$.get("controller.php", { action: "check_username", username: username }, function(data) {
console.log(data);
}
});
The controller.php is checking for availability of the username and return "pass" or "fail" When I do the console.log(data) which I'm expecting to be pass or fail, it's logging out the code from the previous page??
I'm thinking maybe it's a JQM caching issue so I tried to disable cache with no effect. I was orginally using a JQM dialog box to display the form. Thinking that had something to do with it I pulled that out and loaded a straight link. That didn't fix it so I tried to load the page directly using
$.mobile.changePage( "user-new.php", { reloadPage: true});
I am stumped. Why would a $.get ajax call return data be returning code from the previous page?
Here's a face palm! My controller was authenticating and kicking it back out to a login page. Apparently php redirects act funky with ajax return data. Rather then returning the login page code it was returning the previous page code. I Removed the authentication and it works fine. Unbelievable! I'm going to go work at a gas station or something :)

Stoping saved request that triggered the login, always redirect to `/`

I have a web application that contains a REST api that is interacted with by the client application that lives at /. When a user session times out and the client js application makes a request to the REST api, that request will trigger a login event. Once the user logs in the user is then taken to the REST api endpoint which just displays a JSON response. I would like to hard wire the login page to always redirect to /.
Edit 1: I'm using spring-security-core plugin with the openid plugin as well and grails 2.0.4.
Edit 2: So I managed to get a solution working, however its a bit crude and I would like to know if there is a more elegant solution out there.
I created a simple filter in grails-app/conf/LoginRedirectFilters.groovy:
class RedirectLoginFilters {
def filters = {
redirectAfterLogin (uri: '/api/*') {
before = {
if (session["LOGGING_IN"])
redirect uri: "/"
}
after = {
if (session["LOGGING_IN"])
session["LOGGING_IN"] = false
}
}
}
}
And in my auth function inside of OpenIdController.groovy I added the session flag LOGGING_IN:
def auth = {
def config = SpringSecurityUtils.securityConfig
if (springSecurityService.isLoggedIn()) {
redirect uri: config.successHandler.defaultTargetUrl
return
}
session["LOGGING_IN"] = true
.
.
.
This is working properly by only checking if the LOGGING_IN flag is true when an api endpoint is called, and it also kills the flag after one request so it won't interfere with subsequent client api calls. I realize this is pretty convoluted, so if there is a better solution please let me know, thanks!
Why can't you use the same "springSecurityService.isLoggedIn()" inside your filter as well? I'm pretty sure that works as well.
I think I'm misunderstanding exactly what you want to achieve, but if you always want to redirect to '/' after a successful login, just set these properties in your Config.groovy:
grails.plugins.springsecurity.successHandler.alwaysUseDefault = true
grails.plugins.springsecurity.successHandler.defaultTargetUrl = "/"
If you want different behaviour to this, you'll have to flesh out your question.

Resources