Redirect before rendering page

[prinsinn]

Hi
I need to be able to redirect in the controller to some page before a page is rendered, like redirecting in referenceData(example user not logged in, redirect to login page). Can anybody help me on this?

Cheers.
Prins

[lindbird]

this sounds more like a filter or something... but if you wanted to use Spring, you could extend Dispatcher servlet and do some checking in that.

[davison]

Does this help: http://www.springframework.org/docs/...c.html#d0e9969
?

Regards,

[prinsinn]

yeah, this is in the right direction, i would like to be able to do somthing like this
referenceData or formBackingObject throws Exception {
if(!loggedIn)
redirect to some jsp page
else
show the page was reference data for.
}

You know what i mean?
Im also not sure what method this should be in.

cheers.

[Athrawn17]

How about throwing a ModelAndViewDefiningException??

I just found out about this exception and it looks pretty interesting. Sounds like just the thing you need.

[Cowboy Bob]

I use a filter for this sort of thing.

I have a login filter that is initialised with the following parameters:-

Code:

    <filter>
        <filter-name>login</filter-name>
        <filter-class>uk.co.mpcontracting.modules.security.filter.LoginFilter</filter-class>
        <init-param>
            <param-name>login-url</param-name>
            <param-value>/security/login.html</param-value>
        </init-param>
        <init-param>
            <param-name>login-success-url</param-name>
            <param-value>/secure/welcome.html</param-value>
        </init-param>
        <init-param>
            <param-name>login-error-url</param-name>
            <param-value>/security/loginError.html</param-value>
        </init-param>
        <init-param>
            <param-name>multiple-login-url</param-name>
            <param-value>/security/multipleLogin.html</param-value>
        </init-param>
        <init-param>
            <param-name>password-expired-url</param-name>
            <param-value>/secure/user/passwordExpired.html</param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>login</filter-name>
        <url-pattern>/secure/*.html</url-pattern>
    </filter-mapping>
    <filter-mapping>
        <filter-name>login</filter-name>
        <url-pattern>/secure/*.form</url-pattern>
    </filter-mapping>

So everything with the path /secure/*.html and /secure/*.form passes through the filter. I don't filter individual JSPs since they all live inside the WEB-INF directory so cannot be accessed individually anyway.

My filter doesn't just detect the user not being logged in, it also detects if the user's password has expired, and whether the user is logged in at another machine and forwards appropriately.

Chained behind the login filter is a permissions filter that assesses a logged in user's permission to access the requested resource based on permissions, roles, and group memberships.

This is cleaner than doing stuff in referenceData or formBackingObject IMO.

The Seraph project follows a similar idea - http://opensource.atlassian.com/seraph/ - and if you look through their code you can get an idea for how it's done.

Bob