Announcement Announcement Module
Collapse
No announcement yet.
Last visited page problem Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Last visited page problem

    Our application based on Spring Security & Struts 2 runs under tomcat 6.

    Here is security http config:
    Code:
    <security:http auto-config="true">
           .....
            <security:form-login login-page='/login.action'
                                 authentication-failure-url="/login.action?login_error=1"
                                 default-target-url='/dashboard.action'/>
        </security:http>
    Our default login page /dashboard.action sends many ajax requests which receives json objects as the response:
    http://img151.imageshack.us/img151/213/requests.jpg

    If user does logout quickly after login, on next login sometimes he hit ajax json request action instead of the last visited page, and download file interface appears:
    http://img3.imageshack.us/img3/4041/loginerror2.jpg

    So how can I resolve this problem?

    I can't use always-use-default-target="true", because project requirement is to remember last visited page and enter it after login.
    Last edited by kostepanych; Feb 1st, 2011, 06:51 AM.

  • #2
    It seems like in the cases where JSon requests are activating the login, you would want to use the default page instead?

    You could either customize the RequestCache (which is used to cache the previous requests) and ignore those which should not be used as target pages.

    Alternatively you can customize the AuthenticationSuccessHandler and make the decision there (check the code for the default saved-request based one).

    Of course, you need some way of differentiating what is a valid page request as opposed to a JSon one.

    Comment

    Working...
    X