In my web application, I am using Cookie Based session, and thus that session is being shared among all browser tabs, Is there a way to restrict user to have access of application in one tab at a time with the use of tokens(Token Interceptor)? Opening up in a new tab will invalidate the previous tab pages (i.e all application jsp pages including login page)
In short this is not possible and only solution which come to my mind is force user to use a single instance of your application by writing URLs on the fly use a sessionID.
I am not sure why you need this and what exactly is your use case.If i am correct there is such feature in spring security which help us to keep only one instance per logged in user and all you need to set a property in your spring-security xml file like
<session-management>
<concurrency-control max-sessions="1" />
</session-management>
For details refer to these threads
how-to-differ-sessions-in-browser-tabs
allow-only-one-session-per-user
Related
we have a CRM-like application written in GWT/GXT with help of our library which wraps some GXT widgets like ComboBox or Grid from GXT to simplify interaction with relational database. When the application starts a user have to log in and after successfully login the user can see main horizontal menu and some welcome information. If the user want to do something (e. g. to find a customer) he/she has to click somewhere in the menu and a new GXT modal window appears. Now we want to give the user a possibility to open a new session (e. g. to handle a second customer and visually compare customer's data with the first customer) in a new browser window.
How to do it?
Best Regards,
Jacek
The best way I know to comunicate between browser tabs is to use HTML 5 localStorage. Here is a good tutorial. In GWT you can use gwt-storage to easily manipulate the localStorage.
If you want to open a new Window or browsertab you will need to solve two problems:
You will need to specify the session. This can be done by simply create some kind of session token-cookie. This should be flagged with http-only for security reasons). New windows will send the same cookie (and the user is logged in)
You need to specify the item, you want to show. This can be done by using the history API and store the token in the URL
I wrote relatively simple web app in Spring MVC. I have following multipage forms:
Fill in
Check preview and eventually go back to 1. by form button or back button in your browser
Confirm
I used annotation #SessionAttributes and everything goes well, besides of going back to edit form after preview.
Then I have an information that document has expired in browser and I have to renew my POST request hence creating new objects. I resolved this problem by creating another method which loads view with form and loads there information from session, but still I can't use 'back button' in my browser. I would like to avoid javascript in this problem. Any ideas?
EDIT: I can see when session is active header is always set to 'no cache no store', maybe there is a way to configure Spring Session to enable cache and store? I searched but didn't find anything helpful.
I'm just new to Zend Framework. Currently what I'm trying to do is when user access my website
they will first see a select box with two language such as english and germany to choose.
Only when they make a selection, the browser will redirect them to the index controller of that specific language page.
So my question is how to make a select box in bootstrap file or any kind of possible ways to do that and how to redirect user after that? Any solution will be much appreciated!
Don't ever use bootstrap file (and I'm talking about both Bootstrap.php and index.php) for this kind of operations. First, it just won't work the way you ask; second, you'll mess your app's structure big time.
Instead you may use one of the following approaches:
1) add some predispatch hook that will check whether the choice has already been made by checking the user's cookies. If it is, proceed with request as usual (probably setting some Zend_Registry lang variable to be used later), if not, redirect for the language choosing page; the latter should store the choice made in cookies.
2) implement a simple rule in your Router/mod_rewrite: when the requested URL contains 'the language part' (http://example.com/lang/xx/... or just http://example.com/xx/...), it automatically uses this part so set the lang param. If not, the request is automatically redirected to the language choosing page. The latter, in turn, leads the user to a language-specific page, where all the links are made language-specific.
The latter approach is inferior, in my opinion, as user will have to use a language-tuned gateway all the time. But you don't have to store this info in cookies.
You could make a plugin that use the preDispatch event to look if the language has been chosen (e.g stored in cookie or session) and redirect to the landing page if not.
Look here zend framework plug-in - predispatch()
and the ZF's action plugin documentation.
That's what I do to force login in my app.
Now in your position what I would really do would be detecting the language of the user with a fallback to English and a switch widget somewhere in your navbar.
I wanted to know if I can run a facebook with multiple application tabs all from the same application. E.g. I have a tab welcome located under /welcome of my app as well as the tab contact located under /contact. In facebook application settings I can set the domain path http://example.com/ and the page tab location as http://example.com/welcome ... but I want to use more than one tab on a page with my application <-- is this possible or should I have to create for each application tab a new application?? :-|
Greetings
Denis
Unfortunately no. Currently you can only have one tab per app per Page. If you want to add multiple tabs to a single Page, you'll need to have a separate app for each one.
It is possible to serve different tab content to different Pages from one app by using the profile_id property of the signed_request parameter. Check out the other properties of the signed_request parameter for more ideas about ways you can customize Page tab content on the fly.
Please give me idea about the management of data in GWT. I am using Gwt in my travel portal project and my web pages is related to previous page data but when i press the refresh button of browser's then my data is lost . so please inform me if there is any way to manage this problem.
GWT History class cannot be used to manage page refresh (only back/forward).
A click on the refresh button send a request to the server and the state of the application is reloaded from the server. That's all. You have to deal with it.
If you don't want to lose your data, you have to find a way to save it on the server when it's needed.
If your users have modern browsers, you can use the HTML5 feature localStorage to store the data in the browser between page-refresh.
Check this thread for supported browser.
You can create a url fragment to encode your data.
String location = "ny";
History.newItem("location="+location);
will result with a url fragment of www.example.com#location=ny
Then if the browser is refreshed, you can decode the url fragment and determine that the location is ny.
For multiple parameters you can create a complex fragment and parse it.
History.newItem("start="+startLocation+"&end="+endLocation);
Then the url would look like www.example.com#start=newyork&end=boston
The basic idea is to store some state in the URL fragment (the part of the URL after the #) -- for example your-site.com/app#page-1
To listen for changes to the fragment, use GWT's History class. The fragment will change when the user goes back/forward, or refreshes the page.
So you could have your app do different things when the URL has #page-1 vs #page-2, etc.
A more generalized and scalable solution to this is something like gwt-platform's Place architecture (along with Presenters, which are also a good idea for large apps)