Announcement Announcement Module
Collapse
No announcement yet.
Filtering Sessions, or intercepting Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Filtering Sessions, or intercepting

    Hi, my question is:

    I want to take users not loged in to login, by using a Sesion filter, or interceptor, or any thing else that spring provides. I want to do this instead of looking for the created session in every controller.

    Is there a way to do this.

    Thanks in advance.

  • #2
    You can use an interceptor to control user access. I have used this approach with the XML-driven bean configuration, but fail on annotation-driven bean configuration for form controllers.

    HTH

    Comment


    • #3
      Do you have an example ?

      I already tried with an interceptor but i think im missing something. because my application falls in an infinite loop to index.html

      This is the code i have :

      public class SessionInterceptor extends HandlerInterceptorAdapter {

      public boolean preHandle(
      HttpServletRequest request,
      HttpServletResponse response,
      Object handler) throws Exception {

      Contract contract = (Contract) request.getSession(true).getAttribute("contract");

      if ( contract==null )
      {
      response.sendRedirect("index.html?error=sesion");
      return false;
      }

      return true;
      }

      }

      <bean id="urlMappings" class="org.springframework.web.servlet.handler.Sim pleUrlHandlerMapping">
      <property name="mappings">
      ........
      </property>
      <property name="interceptors">
      <list>
      <ref bean="localeChangeInterceptor"/>
      <ref bean="sesionInterceptor" />
      </list>
      </property>
      </bean>


      I think that is happening beacuse my index also has a controller.
      So my second question could be, how can i separate static pages from
      pages with controllers.


      Thanks again in advance.


      Originally posted by vw729 View Post
      You can use an interceptor to control user access. I have used this approach with the XML-driven bean configuration, but fail on annotation-driven bean configuration for form controllers.

      HTH

      Comment


      • #4
        Why implement your own if you can also use Spring Security which provides this for you.

        Comment


        • #5
          I'd definitely recommend using spring security. It handles all that for you with some simple config.

          Comment

          Working...
          X