https://stackoverflow.com/questions/22860209
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianOn page loading I'm removing the URL from browser using history object.
if(location.search.contains("isAuthenticationRequired=false")){
history.replaceState(null,documnent.title,location.pathname)
}
Avoiding re-authentication in filter if we click on reset button
-
27-06-2023 - |
Question
Requirement: When I click on Reset button in my web application then it should not show re authentication pop-up.
HTML code:
<button type="reset" onclick="reloadcurrentpage(false)">Reset</button>
JS code
function reloadcurrentpage(isAuthenticationRequired){
window.location=window.location.href+"?isAuthenticationRequired"+isAuthenticationRequired;
}
I have UserAuthenticationFilter which sees that if page is already authenticated .This I am doing by storing boolean value to some variable in session scope when it goes into Controller. Let me make you more clear. Let us suppose it is authenticated first time
Controller code
public class MyController{
public Object formBackingObject(HttpServletRequest request){
request.getSession.setAttribute("isAuthenticated",true)
}
}
Filter code:
public class Fitler{
doFilter(request,response,filterChain){
if(request.getSession.getAttribute("isAuthenticated")){
request.getSession.remove("isAuthenticated");
fitlerChain.doFilter(request,response) ;
}else{
reponse.sendRedirect("showAuthenticationPopUp")
}
}//doFilter ends//
}//filter class ends
Approaches I followed to avoid re-authentication
1)When I click on reset say URL forming is http.india.com/myController?isAuthenticationRequired=false else other times it is http.india.com/myController
Now when I click on Reset button and write appropriate code in filter for this Query String I can avoid re-authentication, but problem is when I refresh the page then also re-authentication is avoided which should not happen. Reason for this is when I click on reset the url formed is http.india.com/myController?isAuthenticationRequired=false so each time when I refresh the page it will avoid re authentication which would be another problem.
2)Second Approach I followed is when URL has that parameter then I called
response.redirect(request.getURI());
This removed by query string but it made me to authenticate page again.
3)Third Approach I followed is using Ajax request it worked for me but proved costly as I had to change 45+ files of re authentication and adjust the reponse.
Please suggest some way for this.
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
