How to handle authentication through AJAX in a Java web application using form-based login

I have a Java web application running on WebSphere 7. The application uses the form authentication method, and part of the application accesses some protected resources using AJAX requests. However, when the user session expires, I get a login page instead of the content that needs to be updated using an AJAX request.

Is there a good way to handle this problem? WebSphere returns a 200 response status with the login page, so I cannot rely on this.

There may be a way to tell the server that basic authentication should be used in certain circumstances, but I don't know how to do it.

I also thought about checking first if the session is new, first making a request for insecure resources and then returning a certain status, but it looks like a solution for patented code ...

+3
2 answers

This is how I dealt with this in a similar situation. In our case, the AJAX response is always JSON. When the login expires, the authentication filter always submits an HTML login form. Therefore, I check the content type as follows:

 if ((this.getHeader('Content-type') || '').include('application/json'))

If it is not JSON, I simply redirect to another secure page that initiates entry into full screen mode, and then this page will return the user to the AJAX page.

+1
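The content-type check from the answer above, carried through to the redirect step, as an added example that is not part of the original post. `LOGIN_BOUNCE_PATH`, the `returnTo` parameter and the response-like objects (anything exposing `headers.get` and `body`) are assumptions, and the sample responses are constructed.

```javascript
'use strict';
// Added example. LOGIN_BOUNCE_PATH and "returnTo" are hypothetical names.
const LOGIN_BOUNCE_PATH = '/secure/relogin'; // assumed protected page that triggers the form login

// Media type of a Content-Type header, ignoring parameters and case.
function mediaType(headerValue) {
  return String(headerValue || '').split(';')[0].trim().toLowerCase();
}

// The login form arrives as 200 text/html, so the status code says nothing; the media type does.
function isExpectedJson(response) {
  const type = mediaType(response.headers.get('Content-Type'));
  return type === 'application/json' || type.endsWith('+json');
}

// Accept only same-origin, path-only return targets so the bounce page is not an open redirect.
function safeReturnPath(candidate) {
  const path = String(candidate || '');
  const unsafe = !path.startsWith('/') || path.startsWith('//') ||
    path.includes('\\') || /[\u0000-\u001f]/.test(path);
  return unsafe ? '/' : path;
}

// Decide what the AJAX caller should do with a response.
function classifyAjaxResponse(response, currentPath) {
  if (isExpectedJson(response)) {
    try {
      return { action: 'use', data: JSON.parse(response.body) };
    } catch (e) {
      return { action: 'error', reason: 'malformed JSON' };
    }
  }
  const returnTo = encodeURIComponent(safeReturnPath(currentPath));
  return { action: 'reauthenticate', redirectTo: LOGIN_BOUNCE_PATH + '?returnTo=' + returnTo };
}

// Constructed sample responses: one JSON payload, one form-login page served with status 200.
function fakeResponse(contentType, body) {
  const get = (name) => (name.toLowerCase() === 'content-type' ? contentType : null);
  return { status: 200, body, headers: { get } };
}
const SAMPLE_JSON = fakeResponse('application/json; charset=UTF-8', '{"items":[1,2]}');
const SAMPLE_LOGIN = fakeResponse('text/html;charset=ISO-8859-1',
  '<form method="post" action="j_security_check"></form>');
console.log(classifyAjaxResponse(SAMPLE_JSON, '/app/orders'));
console.log(classifyAjaxResponse(SAMPLE_LOGIN, '/app/orders'));
```

The server-side bounce page should apply the same path-only check to `returnTo` before redirecting, since the client-side check alone does not protect a link crafted by someone else.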


Source: https://habr.com/ru/post/1718036/

