Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Faces 3 + Soteria: redirect on viewexpired on ajax request #322

Open
pizzi80 opened this issue May 13, 2022 · 4 comments
Open

Faces 3 + Soteria: redirect on viewexpired on ajax request #322

pizzi80 opened this issue May 13, 2022 · 4 comments

Comments

@pizzi80
Copy link

pizzi80 commented May 13, 2022

Actually Soteria do not manage this, which is the best place to implement the correct "ajax" redirect?

something like the one proposed by BalusC

https://stackoverflow.com/questions/13366936/jsf-filter-not-redirecting-after-initial-redirect/13369719#13369719

String loginURL = req.getContextPath() + "/login/login.xhtml";

if (!authenticated && !req.getRequestURI().equals(loginURL)) {
    if ("partial/ajax".equals(request.getHeader("Faces-Request"))) {
        res.setContentType("text/xml");
        res.getWriter()
            .append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>")
            .printf("<partial-response><redirect url=\"%s\"></redirect></partial-response>", loginURL);
    } else {
        res.sendRedirect(loginURL);
    }
} else {
    chain.doFilter(request, response);
}
@arjantijms
Copy link
Contributor

We had that in a prototype in Soteria along with an issue in Faces to be able to pop a dialog if needed for authentication. Unfortunately the person assigned to it vanished in thin air, so the issue was never finished.

Would however still be good to look at again.

@pizzi80
Copy link
Author

pizzi80 commented May 16, 2022
edited
Loading

The redirect logic is inside LoginToContinueInterceptor

What I see is that inside Soteria/Utils there are 2 o 3 methods that implements a redirect and the
the one that shoud be used for JSF is not called, at least in my fork which is based on v2.0

So I think we should call the right method which is the one at line 186 of Utils of the master

Probably I should fix it in my fork and wait for Jakarta ee 10 to see if in the meantime has been fixed

@arjantijms
Copy link
Contributor

What I see is that inside Soteria/Utils there 2 o 3 methods to do a redirect and the
the one that shoud be used for JSF is not called,

That's "correct" in the sense that we started that work there, but because of the thin air event never finished it. Its leftover is in the code still.

@pizzi80
Copy link
Author

pizzi80 commented May 17, 2022
edited
Loading

ok, it works, it's just a matter of call the other Utils.redirect method
inside HttpMessageContextImpl

@Override
    public AuthenticationStatus redirect(String location) {
        //Utils.redirect(getResponse(), location);
        Utils.redirect(getRequest(),getResponse(),location);

        return SEND_CONTINUE;
    }

and in Utils a little check to avoid NPE inside isFacesAjaxRequest


public static boolean isFacesAjaxRequest(HttpServletRequest request) {
    if ( request == null ) return false;

    String facesHeader = request.getHeader("Faces-Request");
    return facesHeader != null && FACES_AJAX_HEADERS.contains(facesHeader);
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@arjantijms @pizzi80