Validating User Session using AJAX
- Ravikumar Babu CTOO (Unlicensed)
Implementation teams can send meaningful error messages to end-users using AJAX calls during user authentication.
For example, let’s assume user ‘terrim’ logs on to Modelhouse application. If the user’s credentials are incorrect or if the user does not have access, a meaningful error message must be displayed to the user.
Perform the following steps to validate session using AJAX:
For the example scenario, in the Index.jsp page, send the AJAX request with the additional param, "AJAX_REQUEST" : "Y“, as shown in the following code snippet:
function validateUser() { var aparams= { "INPUT_ACTION": "SESSIONTEST", "INPUT_FUNCTION_CODE": "VSBLTY", "INPUT_PRODUCT": "CUSER", "INPUT_SUB_PRODUCT": "CUSER", "PAGE_CODE_TYPE": "SESSIONTEST", "PRODUCT_NAME": "CUSER", "AJAX_REQUEST": "Y", "transactionCode":"logn", "ctLoginID":"terrim" }; extAjax( { params: aparams, success: function(response) { if(response.JSON_MAP.STATUS == 'failure') alert(response.JSON_MAP.ADDITIONAL_INFO); }, failure:function (response,request) { alert("fail"); } }); } <input type = "submit" onclick = "validateUser()" name = "commit" value = "LOGIN" class = "login-btn" aria-label = "Click to Login" />Use the forward mapping to use a servlet to forward the AJAX:
<action-map screenCode = "SESSIONTEST" prodCode = "CUSER" subProdCode = "CUSER" funcCode = "VSBLTY" host = "SESSIONTESTHOST"> <action-class> com.intellectdesign.app.iquiz.action.TxnAction </action-class> </action-map>Create the Action (Java) class for the logon authentication. The following is a sample for reference:
package com.intellectdesign.app.iquiz.action; import java.util.Map; import javax.servlet.http.HttpServletRequest; import com.intellectdesign.canvas.action.PortletAction; import com.intellectdesign.canvas.common.ReplyObject; import com.intellectdesign.canvas.constants.common.FrameworkConstants; import com.intellectdesign.canvas.exceptions.action.OrbiActionException; import com.intellectdesign.canvas.exceptions.common.ProcessingErrorException; import com.intellectdesign.canvas.logger.Logger; import com.intellectdesign.canvas.login.sessions.SessionInfo; import com.intellectdesign.canvas.web.config.ActionMap; public class TxnAction extends PortletAction{ @Override public ReplyObject executePortletActionUsing(String action, SessionInfo sessionInfo, ActionMap actionMap, Map requestParams, HttpServletRequest request) throws OrbiActionException { logger.ctinfo("CTTXN0001"); ReplyObject reply = null; try { logger.ctdebug("CTTXN0002"); /* * if ("SUBMIT".equals(action) || "DRAFT".equals(action)) { */ reply = executeHostRequest(sessionInfo, actionMap.getHostCode(), requestParams, request); /* } */ logger.ctdebug("CTTXN0003"); } catch (ProcessingErrorException procExcep) { logger.cterror("CTTXN0004"); throw new OrbiActionException(FrameworkConstants.ERROR_SYSTEM_ERROR, "Received processing error while handling action - '" + action + "in TxnAction action", procExcep); } logger.ctinfo("CTTXN0005"); return reply; } private static final Logger logger = Logger.getLogger(TxnAction.class); }Create the Handler class (Java) to handle the log-on authentication. The following is a sample reference:
Specify the Handler (Java) class in the handler properties:
Create a Authentication Provider (Java) class to fail the user authentication and set some logon failure message in the setuserValue -> setInfo. A Sample reference is as follows:
Specify the authentication provider in the securityconfig.properties file:
Check that the user authentication is validated using AJAX in the application.
For example, user ‘terrim’ logons to the Modelhouse application in the following screen shot:
In the Authentication Provider (Java) class, the user authentication is made to fail in the authenticateUser function. Hence, the following error message is shown to indicate that the user authentication is validated using AJAX:
Â