Httpsession with Spring 3 MVC

Posted by vipul12389 on Stack Overflow See other posts from Stack Overflow or by vipul12389
Published on 2012-10-11T07:43:35Z Indexed on 2012/10/11 9:37 UTC
Read the original article Hit count: 222

Filed under:
|
|

I want to use httpsession in Spring 3 MVC..i have searched all the web and got this solution..at http://forum.springsource.org/showthread.php?98850-Adding-to-stuff-to-the-session-while-using-ResponseBody

Basically, My application auto authenticates user by getting winId and authorizes through LDAP..(Its a intranet site)

Here is the flow of the application, 1. User enters Aplication url (http://localhost:8082/eIA_Mock_5)

  1. it has a welcome page (index.jsp)
  2. Index.jsp gets winId through jQuery and hits login.html (through Ajax) and passes windowsId
  3. login.html (Controller) authenticates through LDAP and gives back 'Valid' String as a response
  4. javascript, upon getting the correct response, redirects/loads welcome page i.e. goes to localhost:8082/eIA_Mock_5/welcome.html

Now, i have filter associated with it..which checks for is session valid for each incoming request..Now the problem is even though i set data on to httpsession, yet the filter or any other controller fails to get the data through session as a result it doesnt proceeds further..

here is the code..and could you suggest what is wrong actually ??

Home_Controller.java

    @Controller
    public class Home_Controller {

        public static Log logger = LogFactory.getLog(Home_Controller.class);

        @RequestMapping(value={"/welcome"})
        public ModelAndView loadWelcomePage(HttpServletRequest request,HttpServletResponse response)
        {
            ModelAndView mdv = new ModelAndView();
            try{
                /*HttpSession session = request.getSession();
                UserMasterBean userBean = (UserMasterBean)session.getAttribute("userBean");
                String userName=userBean.getWindowsId();
                if(userName==null || userName.equalsIgnoreCase(""))
                {   
                    mdv.setViewName("homePage");

                    System.out.println("Unable to authenticate user ");
                    logger.debug("Unable to authenticate user ");
                }
                else
                {
                    System.out.println("Welcome User "+userName);
                    logger.debug("Welcome User "+userName);
                    */
                    mdv.setViewName("homePage");
                /*}*/

            }
            catch(Exception e){
                logger.debug("inside authenticateUser ",e);
                e.printStackTrace();
            }
            return mdv;
        }

        @RequestMapping(value = "/login", method = RequestMethod.GET)
        public @ResponseBody String authenticateUser(@RequestParam String userName,HttpSession session)
        {
            logger.debug("inside authenticateUser");

            String returnResponse=new String();
            try{
                logger.debug("userName for Authentication "+userName);
                System.out.println("userName for Authentication "+userName);

                //HttpSession session = request.getSession();

                if(userName==null || userName.trim().equalsIgnoreCase(""))
                    returnResponse="Invalid";
                else
                {
                    System.out.println("uname "+userName);

                    String ldapResponse = LDAPConnectUtil.isValidActiveDirectoryUser(userName, "");

                    if(ldapResponse.equalsIgnoreCase("true"))
                    {   
                        returnResponse="Valid";

                        System.out.println(userName+" Authenticated");
                        logger.debug(userName+" Authenticated");

                        UserMasterBean userBean = new UserMasterBean();
                        userBean.setWindowsId(userName);

                        //if(session.getAttribute("userBean")==null)
                        session.setAttribute("userBean", userBean);
                    }
                    else
                    {   
                        returnResponse="Invalid";

                        //session.setAttribute("userBean", null);

                        System.out.println("Unable to Authenticate the user through Ldap");
                        logger.debug("Unable to Authenticate the user through Ldap");
                    }

                    System.out.println("ldapResponse "+ldapResponse);
                    logger.debug("ldapResponse "+ldapResponse);

                    System.out.println("returnResponse "+returnResponse);
                }

                UserMasterBean u = (UserMasterBean)session.getAttribute("userBean");
                System.out.println("winId "+u.getWindowsId());
            }
            catch(Exception e){
                e.printStackTrace();
                logger.debug("Exception in authenticateUser ",e);
            }
            return returnResponse;
        }

Filter

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
      {
        System.out.println("in PageFilter");
        boolean flag = false;
        HttpServletRequest objHttpServletRequest = (HttpServletRequest)request;
        HttpServletResponse objHttpServletResponse = (HttpServletResponse)response;
        HttpSession session = objHttpServletRequest.getSession();
        String contextPath = objHttpServletRequest.getContextPath();

        String servletPath = objHttpServletRequest.getSession().getServletContext().getRealPath(objHttpServletRequest.getServletPath());

        logger.debug("contextPath :" + contextPath);
        logger.debug("servletPath :" + servletPath);
        System.out.println("in PageFilter, contextPath :" + contextPath);
        System.out.println("in PageFilter, servletPath :" + servletPath);

        if (servletPath.endsWith("\\") || servletPath.endsWith("/") || 
          servletPath.indexOf("css") > 0 || servletPath.indexOf("jsp") > 0 || 
          servletPath.indexOf("images") > 0 || servletPath.indexOf("js") > 0 || 
          servletPath.endsWith("index.jsp") || servletPath.indexOf("xls") > 0 || 
          servletPath.indexOf("ini") > 0 || servletPath.indexOf("login.html") > 0 || 
          /*servletPath.endsWith("welcome.html") ||*/ servletPath.endsWith("logout.do") )
        {
          System.out.println("User is trying to access allowed pages like Login.jsp, errorPage.jsp, js, images, css");
          logger.debug("User is trying to access allowed pages like Login.jsp, errorPage.jsp, js, images, css");
          flag = true;
        }

        if (flag== false)
        {
          System.out.println("flag = false");

          if(session.getAttribute("userBean") == null)
              System.out.println("yes session.userbean is null");

          if ((session != null) && (session.getAttribute("userBean") != null))
            {
              System.out.println("session!=null && session.getAttribute(userId)!=null");

              logger.debug("IF Part");

              UserMasterBean userBean = (UserMasterBean)session.getAttribute("userBean");
              String windowsId = userBean.getWindowsId();

              logger.debug("User Id " + windowsId + " allowed access");
              System.out.println("User Id " + windowsId + " allowed access");
              flag = true;
            }
            else
            {
              System.out.println("else .....session!=null && session.getAttribute(userId)!=null");
              logger.debug("Else Part");
              flag = false;
            }
        }

        if (flag == true) {
          try {
            System.out.println("before chain.doFilter(request, response)");
            chain.doFilter(request, response);
          } catch (Exception e) {
            e.printStackTrace();
            try {
              objHttpServletResponse.sendRedirect(contextPath + "/logout.do");
            } catch (Exception ex) {
              ex.printStackTrace();
            }
          }
        }
        else {
          try
          {
            System.out.println("before sendRedirect");
            objHttpServletResponse.sendRedirect(contextPath + "/jsp/errorPage.jsp");
          } catch (Exception ex) {
            ex.printStackTrace();
          }

        }

        System.out.println("end of PageFilter");
      }

Index.jsp

    <script type="text/javascript">
    //alert("inside s13");
    var WinNetwork = new ActiveXObject("WScript.Network");
    var userName=WinNetwork.UserName;
    alert(userName);

    $.ajax({  
        url : "login.html",  
        data : "userName="+userName,
        success : function(result) {
            alert("result == "+result);
            if(result=="Valid")
                window.location = "http://10.160.118.200:8082/eIA_Mock_5/welcome.html";
        }
    });
    </script>

web.xml has a filter entry with URL pattern as * I am using spring 3 mvc

© Stack Overflow or respective owner

Related posts about spring

Related posts about spring-mvc