I have a footer link "Privacy Policy" in my application. When user clicks this link we display some information on the page along with a "Back" link.
Now requirement is when user click on the Back link I need to display the previous page from which he had opened Privacy policy page.
For example
User is on page A clicks "Privacy Policy" and then when he clicks "Back" we should display page A agian.
If he clicks "Privacy Policy" from page B then when he clicks "Back" we should display page B.
We can use JavaScript to do this but we are not supposed to use JavaScript. Can anyone help me on this?
You can pass an URL parameter to your "Privacy Policy" link telling what is the current page. Then, you will use it as the outcome of "Back".
Use javascript (history.go(-1)) - JSF uses a great amount of javascript already so don't worry.
Related
I want to restrict direct access to certain page in my application. Those pages can only be accessible if the user is redirected to those pages by the application.
All the redirections are done via ExternalContext#redirect(url) method.
User can use back and forward button, also can refresh the page by pressing F5 or via browser's refresh button. What I want is user cannot save, or bookmark URLs of some page, also cannot copy those redistricted URL and paste and go via address bar of the browser.
Followings are the cases:
Say, I have Page-A and Page-B.
Redirection is done to Page-B from Page-A.
User can go back to Page-A and can come again to Page-B by using browser's back and forward button.
User can refresh Page-B and he/she will stay in Page-B.
User CANNOT copy the URL of Page-B and access it later time (in new tab or by bookmarking).
Is it feasible? Any pointer would be very helpful to me.
I don't think you can do all that from JSF.
Your obvious alternative is to use Javascript.
I never herd a concept of disabling Bookmark option in Browser using Javascript. However you can always disable the address field if you open the page in new Window.
You can solve it with
JSF Navigation Handler - set a session attribute from some previous page and expire the value after some time with a timer. From the Handler impl check the value of the attribute and restrict access e.g. redirect to some other page in case the value is not present.
You can achieve similar behaviour with web frameworks. Enforcing controlled navigation is a basic feature in most WEB FXs e.g. JBoss Seam conversations or Spring Web Flow controlled navigation implementations.
I have a chrome extension. When the user clicks the icon I want to:
Check if the user is logged in. This uses google storage (I've got this code already).
If user is logged in, there should NOT be a popup.
If user is not logged in, show browser action pop-up with login post/ajax form.
Google says "If a browser action has a popup, the popup appears when the user clicks the icon." https://developer.chrome.com/extensions/browserAction.html
So I guess not? I could instead add a form to the page DOM, but I'd rather not do that. Any other nice solutions?
Use chrome.browserAction.setPopup({ popup: ''}) to remove the popup.
From the browserAction.setPopup docs:
Sets the html document to be opened as a popup when the user clicks on the browser action's icon...
popup ( string ): If set to the empty string (''), no popup is shown.
You can use chrome.browserAction.setPopup to specify a popup page to show, or no popup at all. However, you must specify the popup before the user clicks the browser action; I don't believe you can change it "just in time" as the user clicks. You should simply start with the popup active by default, and then turn it off once the user has successfully logged in.
We created an E-Newsletter for a client that includes lots of story links as well as banner adds. The majority of users are reading the newsletter in MS Outlook. The client thinks users will get confused when they click on a link from the newsletter and it opens in their browser and then the user can't hit the browser's back button in order to get back to the newsletter.
What are my options?
Is it possible to control where the Browsers back button takes the user? I would guess not for security reasons.
If I have the newsletter links go through our main site and then redirect to the desired page (story or ad), can I do it in such a way that the back button will work and won't result in the user being redirected back to the redirect page?
Is there a better approach?
Overall, the back and forward buttons step the user through the history and for security reasons, there is very little you can do about that. But ...
You do have a certain amount of control over the history. In particular, page 1 can say "go to page 2", and once the user is on page 2, the back button will return the user to page 1 OR page 1 can say "replace me in history with page 2"; then once the user is on page 2, the back button will return the user whatever was before page 1, if anything. This is a good way to Orwell redirect pages right out of memory.
See here for details.
We would like to add content to the now blank page next to the user/pw boxes. I can get content to show up as the front page once the user has logged in, but how do we add content to be viewed by anonymous users only during the login process?
Thank you!
Follow these steps:
Create a block and only check the 'anonymous' checkbox in the Role Specific Visibility Settings.
Set the Page Specific Visibility Settings to display the block on <front> for the front page, user for the login page, or the urls for any other pages on which you may want it to display.
Finally, save the block and place it in the region of your choice.
I'm trying to find a clean way so that the login and logout pages for my liferay portal aren't shown in my menu. For the login page I guess I could move the user to the private pages section but I have no clue how I can make the logout landing page not visible. And preferably the logout page would only be navigable to when you're effectively logged out so users can't accidentally go to it when they've got the url cached in their browser.
Any input would be appreciated.
Regarding hiding the landing pages: Just create them and check "hidden" in "Manage Page" for that page. This will make the page accessible according to the permissions, but hide it in the navigation - e.g. if you know the page's name, you can go there - just as you requested.
If you display the currently logged in user on the logout landing page (e.g. through the "Sign In" portlet, you don't need to display a message like "you've been logged out", but display the current state of the user's session.
Of course you're free to not use the Sign-In opportunity on that page, in this case you'll have to display the current session state in a different portlet. It could be as simple as a templated WebContent portlet, accessing the currently logged in user.
Edit: If you set default.logout.page.path=/web/guest/logout and auth.forward.by.last.path=true but you're still not redirected on logout, chances are that changes made through the UI override your portal-ext.properties. If you've edited "Settings" in ControlPanel, this is most likely the case. You can set these values there, on the first page in settings.
As noted in your comment: You cannot make the first page hidden. This shouldn't be a problem: Just make any other page hidden. Even if you don't have more public content than this, you can have at least a public page stating that you need to login. Make this the first, so the logout page can be either a child page of this or a new toplevel page - but most importantly: It can be hidden.