Should not allow other resources to be accessed.

asked 2012-07-05 06:52:31 +0800

AmandeepJ

Hi,
I have the following ZUL files in my web content folder:

Login.zul - Composer Applied
Category.zul - No Composer Applied
Index.zul - Composer Applied
Help.zul - NO Composer Applied
AboutUs.zul - NO Composer Applied

Whenever I try to access Category.zul or Help.zul, I can see them in my browser, but according to my use case, if I try to access them, I should always be redirected to Login.zul. How can I achieve this?

One solution: I can add a composer to all the ZUL files and then in doAfterCompose() do Executions.sendRedirect("to my login page"), but I think this is not the correct way to do it.


answered 2012-07-18 14:11:22 +0800

marcelodecampos

updated 2012-07-18 14:12:20 +0800

AmandeepJ,


I use this approach:

Every zul page that has some kind of access security has a SelectorComposer-derived class like the class below. BEAN is an EJB session bean which, on my project, is always a remote session bean. See the function onBeforeComposer: if the user is logged, it continues the flow, otherwise it redirects to index.zul. In this very simple example, I just want to see if the current user is logged.
It makes it very simple to implement some kind of access control based on profile.

public abstract class BaseDBLoggedController<BEAN> extends BaseDBController<BEAN> implements LoggedInterface
{
	private static final long serialVersionUID = 3928960337564242027L;

	@Override
	public boolean isLogged( )
	{
		Login login = getLoggedUser( );
		return login != null;
	}

	@Override
	public ComponentInfo doBeforeCompose( Page page, Component parent, ComponentInfo compInfo )
	{
		if ( isLogged( ) ) {
			return super.doBeforeCompose( page, parent, compInfo );
		}
		else {
			redirect( "/index.zul" );
			return null;
		}
	}

	@Override
	public Login getLoggedUser( )
	{
		return (Login) getSessionParameter( userSessionParamName );
	}

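	@Override
	public Collaborator getCurrentCollaborator( )
	{
		Collaborator c = (Collaborator) getSessionParameter( currentCollaborator );
		Login l = getLoggedUser( );
		// No collaborator in the session or no logged user: return null instead of throwing a NullPointerException.
		if ( c == null || l == null ) {
			return null;
		}
		// Only return the collaborator if it belongs to the logged user.
		if ( !c.getPerson( ).equals( l.getPerson( ) ) ) {
			return null;
		}
		return c;
	}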

	protected void setCollaborator( Collaborator c )
	{
		setSessionParameter( currentCollaborator, c );
	}
}


Just to understand the chain hierarchy:

public abstract class BaseDBController<BEAN> extends BaseController<Window> implements BeanSessonInterface<BEAN>

public abstract class BaseController<T extends Component> extends SelectorComposer<T> implements ISessionParameter


answered 2012-07-18 03:17:27 +0800

dennis

You need a security framework that filters the requests and redirects to the login page if authentication is needed for a certain page.
Or, you can simply write a servlet filter to do this your own way.
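
The servlet filter suggested in the answer above, sketched as an added example that is not part of the original thread. It denies every *.zul page by default, including the ones without a composer, and lets only Login.zul through. The class name, the `loggedUser` session attribute and the `@WebFilter` mapping are assumptions.

```java
import java.io.IOException;
import java.util.Collections;
import java.util.Set;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.*;

// Added example (hypothetical class). Runs before ZK renders any *.zul page, so pages
// without a composer (Category.zul, Help.zul, AboutUs.zul) are protected as well.
@WebFilter("*.zul")
public class LoginRequiredFilter implements Filter {
    // Assumption: the login composer stores the authenticated user under this attribute.
    static final String USER_ATTR = "loggedUser";
    // Pages reachable without a login; everything else is denied by default.
    static final Set<String> PUBLIC_PAGES = Collections.singleton("/Login.zul");

    @Override
    public void init(FilterConfig cfg) { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // Use the container-normalised servlet path, not the raw getRequestURI().
        String path = request.getServletPath();
        // getSession(false): do not create a session for anonymous requests.
        HttpSession session = request.getSession(false);
        boolean loggedIn = session != null && session.getAttribute(USER_ATTR) != null;

        if (loggedIn || PUBLIC_PAGES.contains(path)) {
            chain.doFilter(req, res);
            return;
        }
        // Not authenticated: redirect to the login page instead of rendering the target.
        response.sendRedirect(
                response.encodeRedirectURL(request.getContextPath() + "/Login.zul"));
    }

    @Override
    public void destroy() { }
}
```

The filter only decides whether a page may be loaded; checks on what a logged-in user may do still belong in the composers or a security framework.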
