Hai,<br>I need to use one Interceptor for <br> ●LoginAuthendication.<br>After successful login i need to check the role of the user,depending upon the users role i need to allow some page and block for some users.<br><br><br>
I have attaced my coding here.<br><b>app_aop.dicon<br>:::::::::::::::::::::</b><br><?xml version="1.0" encoding="UTF-8"?><br><!DOCTYPE components PUBLIC "-//SEASAR//DTD S2Container 2.4//EN"<br>
"<a href="http://www.seasar.org/dtd/components24.dtd">http://www.seasar.org/dtd/components24.dtd</a>"><br><components namespace="app_aop"><br> <include path="convention.dicon"/><br>
<component name="actionSupportInterceptor" class="org.seasar.teeda.extension.interceptor.ActionSupportInterceptor" /><br> <component name="appFacesExceptionThrowsInterceptor" class="org.seasar.teeda.core.interceptor.AppFacesExceptionThrowsInterceptor" /><br>
<b><span style="background-color: rgb(255, 255, 255);"><component name="LoginAuthInterceptor" class="pmtool.interceptor.LoginAuthInterceptor" /></span><br style="background-color: rgb(255, 255, 255);">
<span style="background-color: rgb(255, 255, 255);"> <component name="LoginUserInterceptor" class="pmtool.interceptor.LoginUserInterceptor" /></span></b><br></components><span style="background-color: rgb(255, 255, 255);"></span><br>
<br><b><br>customizer.dicon<br>:::::::::::::::::::::::::</b><br><component name="pageCustomizer" class="org.seasar.framework.container.customizer.CustomizerChain"><br> <initMethod name="addCustomizer"><br>
<arg>traceCustomizer</arg><br> </initMethod><br> <br> <b> <!-- Start Authendication Interceptor--></b><br> <br> <initMethod name="addAspectCustomizer"><br> <arg>"LoginAuthInterceptor"</arg><br>
<arg>"do.*,initialize, prerender"</arg><br> </initMethod><br> <initMethod name="addIgnoreClassPattern"><br> <arg><b>"pmtool.web.login"</b></arg><br>
<arg><b>"LoginPage"</b></arg><br> </initMethod><br> <br> <initMethod name="addIgnoreClassPattern"><br> <arg>"<b>pmtool.web.error</b>"</arg><br> <arg><b>"Error.</b>*"</arg><br>
</initMethod><br> <initMethod name="addIgnoreClassPattern"><br> <arg><b>"pmtool.web.exception</b>"</arg><br> <arg>"<b>Login.*</b>"</arg><br> </initMethod><br>
<br> <b><!--End --></b><br> <br> <b> <!-- Start --></b><br> <br> <initMethod name="addAspectCustomizer"><br> <arg>"LoginUserInterceptor"</arg><br> <arg>"do.*,initialize, prerender"</arg><br>
</initMethod><br> <initMethod name="addIgnoreClassPattern"><br> <arg>"pmtool.web.login"</arg><br> <arg>"LoginPage"</arg><br> </initMethod><br>
<br> <initMethod name="addIgnoreClassPattern"><br> <arg>"pmtool.web.error"</arg><br> <arg>"Error.*"</arg><br> </initMethod><br> <initMethod name="addIgnoreClassPattern"><br>
<arg>"pmtool.web.exception"</arg><br> <arg>"Login.*"</arg><br> </initMethod><br> <initMethod name="addIgnoreClassPattern"><br> <arg>"<b>pmtool.web.expensesheet</b>"</arg><br>
<arg><b>"Index.*</b>"</arg><br> </initMethod><br> <initMethod name="addIgnoreClassPattern"><br> <arg>"<b>pmtool.web.menu</b>"</arg><br> <arg><b>"Menu.*</b>"</arg><br>
</initMethod><br><br>Authendication intercptor is needed for menu and expensesheet pages where the user level check interceptor(second one) is not needed for these pages.So i included in the AddIgnoreClassPattern tag.<br>
<br><br><b>User Check:<br>:::::::::::::::::::::::</b><br><br>public Object invoke(MethodInvocation invocation)throws Throwable{<br> Object ret=null;<br> <br> if (container!=null)<br> {<br><br> Boolean LoginFlg=getSessionAttribute("<b>usersession</b>");<br>
if (LoginFlg==null||!LoginFlg.booleanValue()){<br> throw new LoginAuthException("You are not logged in or your session has closed.Login Here");<br> //return LoginPage.class;<br>
<br> }<br> }<br> Throwable cause=null;<br> try<br> {<br> ret =invocation.proceed();<br> }catch(final Throwable t){<br> <br> cause=t;<br> }<br>
if (cause!=null)<br> { <br> throw cause;<br> }<br> return ret;<br> }<br><br><br>public boolean getSessionAttribute(String sessionBindLogin){<br> HttpSession session= (HttpSession)container.getExternalContext().getSession();<br>
if(session!=null)<br> {<br> Object log=session.getAttribute(sessionBindLogin);<br> <br> if (log==null){<br> return false;<br> }<br> else{<br>
return true;<br> }<br> <br> }<br> return true;<br> }<br> <br> <br><b>User Level Check<br>::::::::::::::::::::::::::</b><br>public Object invoke(MethodInvocation invocation)throws Throwable{<br>
Object ret=null;<br> <br> if (container!=null)<br> {<br> Boolean loginFlg=getSessionAttribute("<b>userlevel</b>");<br> if (loginFlg==null||!loginFlg.booleanValue()){<br>
throw new LoginAuthException("you not allowed to access this page");<br> //return LoginPage.class;<br> <br> }<br> }<br> Throwable cause=null;<br> try<br>
{<br> ret =invocation.proceed();<br> }catch(final Throwable t){<br> <br> cause=t;<br> }<br> if (cause!=null)<br> { <br> throw cause;<br> }<br> return ret;<br>
}<br><br>public boolean getSessionAttribute(String sessionBindLogin){<br> HttpSession session= (HttpSession)container.getExternalContext().getSession();<br> if(session!=null)<br> {<br> Object log=session.getAttribute(sessionBindLogin);<br>
if (log==null){<br> return false;<br> }<br> <br> else if(log.equals("1")){<br> return true;<br> }<br> else<br> return false;<br>
<br> }<br> return true;<br> }<br><br><br><b>LoginPage<br>::::::::::::::</b><br>public Class doLogin() {<br> if(userid.equals(pwd)){<br> session.setAttribute("<b>usersession</b>", userid);<br>
if(userid.equals("aaa")){<br> session.setAttribute("<b>userlevel</b>", "1");<br> }<br> else<br> session.setAttribute("<b>userlevel</b>", "2");<br>
return MenuPage.class;<br> }<br> else<br> return null;<br> <br> }<br><br><br>If i use like this for menu page and expensesheet page the login check interceptor has not called because i added these two pages in addIgnoreClassPattern of userlevel check interceptor.<br>
<br><br>I have to include addIgnoreClassPattern for each interceptor.Is it possible or not?<br>If my thinging is not correct..If its not correct then how can i achieve this...<br><br>Please help me to finish this.<br><br>
Thanks in advance..<br><br><br><br><br>