-
FEATURED COMPONENTS
First time here? Check out the FAQ!
Hi,
I have following ZUL files in my web content folder
Login.zul - Composer Applied
Category.zul - No Composer Applied
Index.zul - Composer Applied
Help.zul - NO Composer Applied
AboutUs.zul - NO Composer Applied
whenever I try to access Category.zul or Help.zul I can see them in my browser, but according to my usecase If I try to access it, I should always be redirected to Login.zul How can I achieve this.
One Solution : I can add composer to all the ZUL and then in doAfterCompose() do Executions.sendRedirect("to my login page") , but I think this not correct way to do it.
AmandeepJ,
I use this aproach:
Every zul page that has some kind of access security has a selectorcomposer derived class like this class below. BEAN is a EJB session bean which, on my project, is always a remote session bean. See that on function onBeforeComposer: if the user is logged, it continues the flow, otherwise it redirects to index.zul. In this very simple example, I just want to see if the current user is logged.
It makes very simple to implement some kind of access control based on profile.
public abstract class BaseDBLoggedController<BEAN> extends BaseDBController<BEAN> implements LoggedInterface { private static final long serialVersionUID = 3928960337564242027L; @Override public boolean isLogged( ) { Login login = getLoggedUser( ); return login != null; } @Override public ComponentInfo doBeforeCompose( Page page, Component parent, ComponentInfo compInfo ) { if ( isLogged( ) ) { return super.doBeforeCompose( page, parent, compInfo ); } else { redirect( "/index.zul" ); return null; } } @Override public Login getLoggedUser( ) { return (Login) getSessionParameter( userSessionParamName ); } @Override public Collaborator getCurrentCollaborator( ) { Collaborator c = (Collaborator) getSessionParameter( currentCollaborator ); Login l = getLoggedUser( ); if ( c.getPerson( ).equals( l.getPerson( ) ) == false ) { return null; } return c; } protected void setCollaborator( Collaborator c ) { setSessionParameter( currentCollaborator, c ); } }
Just to undestand the chain hierarchy
public abstract class BaseDBController<BEAN> extends BaseController<Window> implements BeanSessonInterface<BEAN>
public abstract class BaseController<T extends Component> extends SelectorComposer<T> implements ISessionParameter
you need a security framework that filters the requests and redirect to login page if a authenticated is needed for a certain page.
or, you can simply write a servlet filter to do this by your way.
Asked: 2012-07-05 06:52:31 +0800
Seen: 162 times
Last updated: Jul 18 '12