So my webpage has a Link remove Advertisment which should remove the ads from my website and remember to not show any ads in the rest of the session.
My approach at was first was a private static Variable in the controller, which could be set via methods.
private static boolean Ads = true;
public static void closeAds() {
Logger.debug("Ads removed");
Ads = false;
}
I did some research and found out that the session() method provided by the play framework probably would be more suitable.
Anyway my problem is, I don't know how to call those controller methods within my html page, since every HTTP request has to have an response and I don't want to reload my page, I only want to set the variable or session variable.
I figured Ajax could be the answer? I couldn`t come up with anything yet
Play keeps session information on client side within a signed cookie.
So you have 2 options (I would go with the 2nd):
1) Ajax call to update play's session data (because you will not want to modify this on client side with javascript since it is a signed cookie and break things)
2) Create another cookie for keeping the advertisements on/off flag and modify it by javascript on clientside, and then you can check the value of this cookie on server side to achieve ads on/off. This will prevent you from doing an extra ajax call.
Related
I have a Wicket 8.6 application. Currently, when logging in to the application, mostly (does not always happen) the user has to login twice. After the first login (after entering the credentials and clicking the submit button) a white page appears saying "If you see this, it means that both javascript and meta-refresh are not support by your browser configuration. Please click this link to continue to the original destination." This is the BrowserInfoPage. After a few seconds the user is redirected to the login page again where he/she has to enter his/her credentials again and press the login button. This time, the user logs in successfully. My question is, how do I prevent that the user hast to enter his/her credentials twice.
From my research I know that it has something to do with the collection of extended browser info. In the init method of my WicketApplication class, I had the following code:
getRequestCycleSettings().setGatherExtendedBrowserInfo(true);
However, I already commented out this code several month ago. For some reason, the described effect occurs for every new deploy now. Maybe a newly added package in the application is the reason for it. I don't know. Is there a possibility to prevent this second login maybe by creating a customized bowser info page which forwards the login? Please point me in the right direction. Thanks.
After some research, I came up with a work around. It is probably not very efficient but it works for me so far. In my custom Session class which inherits from AuthenticatedWebSession, I added the following code.
#Override
protected WebPage newBrowserInfoPage() {
final Request request = RequestCycle.get().getRequest();
if(request.getUrl().toString().contains("LoginPage")) {
if(!isSignedIn()) {
signIn(username, password);
}
PageParametersEncoder encoder = new PageParametersEncoder();
PageParameters parameters = encoder.decodePageParameters(request.getUrl());
String url = parameters != null && parameters.get("originUrl") !=null && !parameters.get("originUrl").isNull() && !parameters.get("originUrl").isEmpty()?
parameters.get("originUrl").toString("pages/home"):"pages/home";
String finalUrl=url.startsWith("pages/")?url.substring("pages/".length()):url;
throw new RedirectToUrlException(finalUrl);
}
return super.newBrowserInfoPage();
}
Some explanation to the code. As mentioned in the question, I want to prevent the user from logging in multiple times. Thus, I check if the request comes from the LoginPage and perform my work around only in that case.
During my implementation, I realized, that the method newBrowserInfoPage is called in the process when I call session.signIn(username,password); on my LoginPage. In this signIn process the authenticate method of my custom Session is called but the signedIn flag in the AuthenticatedWebSession is not changed (keeps false on successfull authentication). Is this a bug? Thus, I have to login again to set the flag to true.
Finally, I read the URL of the LoginPage where I have stored the target URL and forward the user to the target URL.
I am aware this is probably not the best approach but it is the only solution I came up with. If someone has a better idea, I am happy to hear it.
Requirement: When I click on Reset button in my web application then it should not show re authentication pop-up.
HTML code:
<button type="reset" onclick="reloadcurrentpage(false)">Reset</button>
JS code
function reloadcurrentpage(isAuthenticationRequired){
window.location=window.location.href+"?isAuthenticationRequired"+isAuthenticationRequired;
}
I have UserAuthenticationFilter which sees that if page is already authenticated .This I am doing by storing boolean value to some variable in session scope when it goes into Controller.
Let me make you more clear. Let us suppose it is authenticated first time
Controller code
public class MyController{
public Object formBackingObject(HttpServletRequest request){
request.getSession.setAttribute("isAuthenticated",true)
}
}
Filter code:
public class Fitler{
doFilter(request,response,filterChain){
if(request.getSession.getAttribute("isAuthenticated")){
request.getSession.remove("isAuthenticated");
fitlerChain.doFilter(request,response) ;
}else{
reponse.sendRedirect("showAuthenticationPopUp")
}
}//doFilter ends//
}//filter class ends
Approaches I followed to avoid re-authentication
1)When I click on reset say URL forming is
http.india.com/myController?isAuthenticationRequired=false else other times it is http.india.com/myController
Now when I click on Reset button and write appropriate code in filter for this Query String I can avoid re-authentication, but problem is when I refresh the page then also re-authentication is avoided which should not happen. Reason for this is when I click on reset the url formed is
http.india.com/myController?isAuthenticationRequired=false so each time when I refresh the page it will avoid re authentication which would be another problem.
2)Second Approach I followed is when URL has that parameter then I called
response.redirect(request.getURI());
This removed by query string but it made me to authenticate page again.
3)Third Approach I followed is using Ajax request it worked for me but proved costly as I had to change 45+ files of re authentication and adjust the reponse.
Please suggest some way for this.
On page loading I'm removing the URL from browser using history object.
if(location.search.contains("isAuthenticationRequired=false")){
history.replaceState(null,documnent.title,location.pathname)
}
I have some login information, let say user name, login email Id and location.
I want keep this information in the browser even after the user
logout and close the window.
By this when user comes back after a logout or session expiry, the web application fills the client user name and ask for the password from the user. The best example of my requirement is google login.!!
Currently i am using only session and no cookies.
What are the possible solutions.?
I think you could use cookies for storing data on client side, follow this link
http://www.tutorialspoint.com/jsp/jsp_cookies_handling.htm
set storing age using the method public void setMaxAge(int expiry);
Also another solution is local storage in HTML5
but this is supported only in latest browsers.
http://www.w3schools.com/html/html5_webstorage.asp
http://diveintohtml5.info/storage.html
hope these links will help you
LocalStorage is considered to be the best solution for storing values permanently in the browser.!!
A good explanation about the LocalStorage can be found here.
This is my code used to save the value to the LocalStorage.
function saveLoginNameToLocalStorage()
{
if(typeof(Storage)!=="undefined")//checks whether the browser support localStorage
{
// you dont want to create a variable by var variablename,
// just give it as localStorage.yourVariableName, before assigning
// any values the variable is shown as undefined.
if(localStorage.userName && localStorage.userName !="" && localStorage.userName==document.getElementById("userName").value){
document.getElementById("redirectUrl").value=localStorage.redirectURI;
}
else{
localStorage.redirectURI="";
document.getElementById("redirectUrl").value="";
}
localStorage.userName=document.getElementById("userName").value;
localStorage.redirectURI="";
}
}
You can access the variable using localStorage.userName from anywhere in the browser. Worked well for me. ;-)
Thanks everyone for the help provided..!!
I'm trying to expire all previous versions of a given page with Wicket 1.5.8. In wicket 1.4, it was done by getPage().getPageMap().clear(). Now in wicket 1.5, page map is gone, and I can't figure out how to dot that.
My use case is that I have a wizard (http://www.wicket-library.com/wicket-examples/wizard/) to create/edit an entity. When the wizard is submitted, the user is redirected to the entities list. At this point I don't want the user to be able to use the browser back button to go back to the wizard in the state it was, and thus want to expire previous versions of the page with the wizard (I am using getPageSettings().setRecreateMountedPagesAfterExpiry(true); so the mounted page will be recreated in a blank state if the page expires when the user goes back, which is what I want).
Looking around I found the possibility to use Session.get().clear(); which removes all pages from the Session (I don't know if the 1.4 version was removing all pages or just all versions of the page used to access the PageMap - which would be better for multi-tab support). However, using that works only partly, as the last page is not expired.
Supposing the wizard is mounted at /wizard, redirecting to /list at the end, the flow would be something like: /wizard?1, /wizard?2, /wizard?3, /list. Now when I use the back button, /wizard?3 is not expired, although /wizard?1 and /wizard?2 are as expected. The session clearing and sending to the list page are done in the onFinish method of the wizard, which reads like this:
#Override
public void onFinish() {
Session.get().clear();
Session.get().getFeedbackMessages().add(new FeedbackMessage(..));
setResponsePage(ListPage.class);
}
So, come to the question itself: would anyone know how to get the expected behaviour, i.e. expiring /wizard?3 as well?
Thanks
Note: ListPage is a bookmarkable page and I tried as well with setResponsePage(new ListPage());
Update with what I finally did base on Andrea's suggestion
It is to be noted that my application uses a custom session object extending wicket's Session; let's call it AppSession.
in AppSession, I added a boolean clearRequested attribute (defaults to false)
in AppSession, I added a static void method requestClear() which is just a shortcut to set clearRequested to true in the session
in the onFinish() of my wizard, just before calling setResponsePage, I call AppSession.requestClear()
lastly I just add a RequestCycleListener to my application.
getRequestCycleListeners.add(new AbstractRequestCycleListener() {
#Override
public void onBeginRequest(RequestCycle cycle) {
super.onBeginRequest(cycle);
AppSession session = AppSesssion.get();
if (session.isClearRequested()) {
session.clear();
session.setClearRequested(false);
}
}
});
Now anytime I need to clear session after an action in order to expire pages, I juste call AppSession.requestClear() and in the next request the session is cleared.
you could clear your session in ListPage. Since this page is bookmarkable you could pass it a page parameter indicating that ListPage must get rid of the pages in session.
I am using JSF2.0 Mojarra 2.0.2.
I have a method that logs out a user and puts a logout message in the flash, forwards to the login page (which has a div that prints out the flash). However, when I use navigationHandlers handleNavigation method for some reason the flash is not being displayed. I have a similar method that forwards a user to the login page if he/she isn't logged in.
If I handle the navigation through an h:link and just call the logout method directly, the flash is displayed as normal, but if I use the handleNavigation() method, the flash is cleared for some reason.
The code in question is:
public void performLogout()
{
getFacesContext().getExternalContext().invalidateSession();
setCurrentUser(null);
getFlash().put("notice", "Successfully logged out.");
super.getFacesContext().getApplication().getNavigationHandler()
.handleNavigation(getFacesContext(), null, "login");
}
Is there some way I can keep the flash when navigating like this?
thanks.
Edit: I believe this issue is related to another issue involving the flash not being preserved during redirects when xhtml pages are in different directories: http://java.net/jira/browse/JAVASERVERFACES-1635
You're right.
The JSF 2 flash scope is currently extremly buggy, and based on the specification, will probably remain almost unusable: http://javaserverfaces.java.net/nonav/docs/2.0/javadocs/index.html
If you'd like a flash scope that works as follows, consider using CDI, and the flash scope from Seam Faces - http://docs.jboss.org/seam/3/faces/reference/snapshot/en-US/html_single/#flashscoped
"The flash scope should be active from
the moment an object is placed in the
scope, until the moment the response
has completed rendering."
--Lincoln