After logging in to my application, I can't able to log out
#SessionAttributes("email")
public class HomeController {
#RequestMapping(value = {"/logout"}, method = RequestMethod.GET)
public String logout(HttpSession session, HttpServletRequest request, HttpServletResponse response){
session.invalidate();
return "home";
}
}
My home.jsp page,
<p>${email}</p>
Logout
After clicked log out button still, email variable showing...
Please, can you check if there's anything in the session object of that class or is it null? else try request.getSession().invalidate();
This should work!
#RequestMapping(value = {"/logout"}, method = RequestMethod.GET)
public String logout(HttpServletRequest request, SessionStatus session){
session.setComplete();
request.getSession().invalidate();
return "login";
}
#RequestMapping(value = {"/logout"}, method = RequestMethod.GET)
public String logout(HttpServletRequest request, SessionStatus session){
session.setComplete();
request.getSession().invalidate();
return "login";
}
Try this if you want to reset email session attribute.
Related
I am using Spring MVC. I do the following steps
Login into my application
delete browser cookies and cache
do a refresh
When I delete browser cookies and do a refresh it redirects me to the login page. But this login page is opened in the response of the API (in developers console) and not the actual browser.
I want to open the login page in the browser, how do I do that ?
/**
* Handles requests related to security of the application.
*/
#Controller
public class SecurityController {
#Resource(name = "syncService")
private SyncService syncService;
#RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(ModelMap model , HttpServletResponse res) {
res.setHeader("URL", "Login");
return "login";
}
#RequestMapping(value = "/403", method = RequestMethod.GET)
public String acd(ModelMap model) {
return "403";
}
#RequestMapping(value = "/next", method = RequestMethod.GET)
public String next(ModelMap model) {
return "next";
}
#RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(ModelMap model, HttpServletRequest request) {
HttpSession session = request.getSession();
session.invalidate();
/* model.addAttribute("mess","you have been logged out"); */
return "login";
}
#RequestMapping(value = "/accessdenied", method = RequestMethod.GET)
public String loginerror(ModelMap model) {
model.addAttribute("error", "true");
return "denied";
}
}
I have a Spring application and below is a Controller method I have to resolve the /login. And I found this code from another application, but I cannot get it to work properly in my application.
#RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpSession session, ModelMap modelMap, Model model,
#RequestParam("userName") String userName,
#RequestParam("password") String password, HttpServletRequest req)
throws IOException, SessionException {
String page = "home";
String sessionId = session.getId();
modelMap.addAttribute("sessionId", sessionId);
page = "redirect:/home";
return page;
}
So basically it will redirect to the /home
below is the controller to resolve /home
#RequestMapping(value = "/home", method = RequestMethod.GET)
public String home(HttpSession session,Locale locale, Model model, #RequestParam(value = "segment", required = false) String segment,
#ModelAttribute("sessionId") String sessionId) throws SessionException {
System.out.println("sessionId : " + sessionId); // this `sessionId` is empty
return "home";
}
But the issue is the sessionId is empty when I try to print that. But I can get it from the HttpSession session.
What is the reason for this, why the #ModelAttribute("sessionId") String sessionId did not get populated with the value though I'm adding it to the ModalMap.
I'm new to spring mvc , I'm working on a web project admin panel.
Here is some example of my admin pages controllers :
#Controller
#RequestMapping("/admin/article/**")
public class ArticleController {
private ArticleDao articleDao;
private String fileName;
private String baseUrl;
public ArticleController() {
articleDao = ArticleDaoFactory.create();
}
#RequestMapping(value = "/admin/article",method = RequestMethod.GET)
public String doGet(ModelMap model,HttpServletRequest request,ArticleForm articleForm) {
//some codes
}
#RequestMapping(value = "/admin/article/add",method = RequestMethod.GET)
public String doGetAdd(ModelMap model,ArticleForm articleForm) {
model.addAttribute("article", articleForm);
return "admin/articleAdd";
}
#RequestMapping(value = "/admin/article/add",method = RequestMethod.POST)
public String doPost(#ModelAttribute ArticleForm article, BindingResult result ,ModelMap model){
//some codes
}
#RequestMapping(value = "/admin/article/edit/{id}",method = RequestMethod.GET)
public String getEdit(ModelMap model, #PathVariable("id") int id) {
//some codes
}
#RequestMapping(value = "/admin/article/edit/{id}",method = RequestMethod.POST)
public String postEdit(ModelMap model, #PathVariable("id") int id, ArticleForm article, BindingResult result) {
//some codes
}
#RequestMapping(value = "/admin/article/delete/{id}",method = RequestMethod.GET)
public void getDelete(ModelMap model, #PathVariable("id") int id, HttpServletResponse response) {
//some codes
}
}
now I need another mapping in another contoller named AdminController (for example) to Authenticate admin and bring him to login page if he is not logged in. for sure Authenthication is one example, I might want to use more classes on every admin page.
Note that my authenthication class needs request and session references (and for sure my other classes will need other references created by spring)
I got to know that I can not get HttpServletRequest and ... using a constructor method so I wrote another request mapping to call a method.
Eventhough I can set my properties this way ,but I can not use this method on every admin url.
#Controller
#RequestMapping(value = "/admin/**",method = RequestMethod.GET)
public class AdminController {
Authentication authentication;
HttpServletRequest request;
HttpSession session;
HttpServletResponse response;
public void checkAndSet(HttpSession session,HttpServletRequest request,HttpServletResponse response) {
authentication = new Authentication(session,request);
this.request = request;
this.session = session;
this.response = response;
if(!authentication.isLoggedIn()){
System.out.println(" I'm not logged in");
response.setHeader("Location","/admin/login");
}
}
So I need some suggestion on how to write a request mapping in a controller to call a method on every other controllers that are 'admin' page child ?
FYI : I'm not thinking for spring security for this.
thanks;
I think you can do it by implementing a servlet filter.
For example :
public class AuthenticationFilter extends GenericFilterBean {
#Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String url = request.getServletPath();
HttpSession session = request.getSession(false);
Authentication authentication = new Authentication(session,request);
if (isAdminUrl(url) && !authentication.isLoggedIn()) {
res.sendRedirect/admin/login");
}
chain.doFilter(req, res);
}
}
And then, you have to implement the method isAdminUrl(String url) to determine if you want to apply your filter.
Otherwise, I strongly recommend you to take a look at Spring Security
below is my controller
#RequestMapping(method = RequestMethod.GET)
#ResponseBody
public String ABC(Registratio registration, ModelMap modelMap,
HttpServletRequest request,HttpServletResponse response){
if(somecondition=="false"){
return "notok"; // here iam returning only the string
}
else{
// here i want to redirect to another controller shown below
}
}
#RequestMapping(value="/checkPage",method = RequestMethod.GET,)
public String XYZ(ModelMap modelMap,
HttpServletRequest request,HttpServletResponse response){
return "check"; // this will return check.jsp page
}
since the Controller ABC is #ResponceBody type it will always return as string, but i want that in else contion it should be redirected to the XYZ controller and from which it return a jsp page which i can show.
i tried using return "forward:checkPage"; also with return "redirect:checkPage";
but doesn't work.
any help.
Thanks.
I think you have to remove #ResponseBody if you want to either render response yourself or redirect in one controller method based on some condition, try this:
#RequestMapping(method = RequestMethod.GET)
//remove #ResponseBody
public String ABC(Registratio registration, ModelMap modelMap,
HttpServletRequest request,HttpServletResponse response){
if(somecondition=="false"){
// here i am returning only the string
// in this case, render response yourself and just return null
response.getWriter().write("notok");
return null;
}else{
// redirect
return "redirect:checkPage";
}
}
--edit--
if you want to access controller via ajax, you'd better include the datatype parameter on you request to indicate that you are simply expecting a text response:
$.get("/AAA-Web/abc",jQuery.param({})
,function(data){
alert(data);
}, "text");
return new ModelAndView("redirect:/admin/index");
The code above works for me. I was redirecting from the present controller to index in AdminController.
edirected to the XYZ controller and from which it return a jsp page instead of using the following code i/e
#RequestMapping(value="/checkPage",method = RequestMethod.GET,)
public String XYZ(ModelMap modelMap,
HttpServletRequest request,HttpServletResponse response){
return "check"; // this will return check.jsp page
}
use
#RequestMapping(value ="/checkPage",method = RequestMethod.GET)
public ModelAndView XYZ(HttpServletRequest req)
{
ModelAndView m=new ModelAndView();
m.setViewName("check");
return m;
}
How do I get the request/response that I can setcookie? Additionally, at the end of this method, how can I can redirect to another page?
#RequestMapping(value = "/dosomething", method = RequestMethod.GET)
public RETURNREDIRECTOBJ dosomething() throws IOException {
....
return returnredirectpagejsp;
}
How about this:
#RequestMapping(value = "/dosomething", method = RequestMethod.GET)
public ModelAndView dosomething(HttpServletRequest request, HttpServletResponse response) throws IOException {
// setup your Cookie here
response.setCookie(cookie)
ModelAndView mav = new ModelAndView();
mav.setViewName("redirect:/other-page");
return mav;
}
Just pass it as argument: public String doSomething(HttpServletRequest request). You can pass both the request and response, or each of them individually.
return the String "redirect:/viewname" (most often without the .jsp suffix)
For both questions, check the documentation, section "15.3.2.3 Supported handler method arguments and return types"
You can also simply #Autowire. For example:
#Autowired
private HttpServletRequest request;
Though HttpServletRequest is request-scoped bean, it does not require your controller to be request scoped, as for HttpServletRequest Spring will generate a proxy HttpServletRequest which is aware how to get the actual instance of request.
You could also use this way
#RequestMapping(value = "/url", method = RequestMethod.GET)
public String method(HttpServletRequest request, HttpServletResponse response){
Cookie newCookie = new Cookie("key", "value");
response.addCookie(newCookie);
return "redirect:/newurl";
}