John, You created DELTASPIKE-373, but I'm not sure the all-or-nothing approach is right. Yes some apps may need to globally disable the window context, but in our apps, we need to handle windows/tabs contexts (like the seam2 "workspace" concept) I don't know if it's possible to have a solution in DS that handles the classic "redirect to login page" scenario as used by many apps/frameworks like apache Shiro but by globally still having the windows/tab context active Maybe DS should provide a way to have the windows context active, and handle nicely the login-kind-of -pages without havind to change all the palces in the security frameworks 9and elsewhere) that performs redirects Denis
2013/5/28 John D. Ament <[email protected]>: > Mark, > > Perhaps we should provide an alternative OOTB that allows you to disable > this? > > John > > > On Tue, May 28, 2013 at 10:12 AM, Mark Struberg <[email protected]> wrote: > >> Hi >> >> Just provide a ClientWindowConfig impl which sets the >> ClientWindowRenderMode to NONE. >> >> I've recently posted code samples how to do so. >> >> LieGrue, >> strub >> >> >> >> >> ----- Original Message ----- >> > From: titou10 titou10 <[email protected]> >> > To: [email protected] >> > Cc: >> > Sent: Tuesday, 28 May 2013, 16:02 >> > Subject: DS + mfRid/windowdId + Shiro UserFilter/redirectToLogin = >> infinite >> redirect loop in browser >> > >> > Hi, >> > With the current snapshot of DS, we have a problem with Shiro and the >> > introduction of the mfRid/windowdId parameters >> > Shiro is configured to redirect to the login page (defines in >> > shiro.ini) if required >> > >> > We use an AJAX compatible Shiro UserFilter as explained here : >> > >> http://balusc.blogspot.ca/2013/01/apache-shiro-is-it-ready-for-java-ee-6.html >> > >> > When this happens, the browser enter an infinite redirect loop, >> > because, I *guess* it's because Shiro does not include the >> > mfRid/windowdId parameters on the login page >> > Q: >> > - Am I right? >> > - Is it possible to exclude some pages (like the login or error pages) >> > from being in need of having those parameters >> > - Maybe it's possible to "add" those parameters in our login >> > pages? >> > >> > It would be a real pain to override a *lot* of Shiro classes to handle >> > the mfRid/windowdId parameters everywhere >> > >> > At this time we can not test/use the current code of DS with our apps. >> > >> > WDYT? >> > >>
