Tuesday, January 31, 2012

Data Control and Session Scope Use Case to Control Web Browser Tabs

Sometimes there are unique requirements, for example we want to allow access to application screens only from single browser tab. If application screen is accessed within the same session, but from another browser tab - access should be disabled. In order to implement such requirement, we need to track if application was already accessed from the same session - if yes, access id disabled. We can implement this by combination of Data Control and Session Scope usage.

Blog reader was asking what is the difference storing variable value in Session Scope or in Data Control - ADF Region Communication - Region Refresh Through Contextual Event. One of the main differences - Session Scope is available across session and is accessible from multiple browser tabs. Data Control is always reset for the new browser tab. Also you need to be careful not to reset Data Control, by entering into Isolated Scope TF.

Download completed sample application to control Web browser tabs access - SessionDataControlApp.zip.

In order to test this sample, login as redsam/welcome1 user:

Open application screen:

Open second browser tab (it depends on browser settings, but in most of the cases different tabs are using same session) and access application screen - access will be restricted, by custom login implemented inside sample application:

Application screen from the first tab is working well:

How this is implemented? Well - there is simple POJO class, which stores session Id variable:

ADF Data Control is generated on top of this class:

There is UI template, it contains switcher component, with two facets - noaccess and content. Based on custom logic - page content is rendered inside content facet, if application screen is accessed within the same session from another browser tab - noaccess facet is rendered:

Facet rendering logic is calculated inside managed bean method:

UI template is enabled with Page Definition and can access Data Control methods:

Custom method checks if Session Scope variable was initialized. If no - means its first access. It sets both Session Scope and Data Control variables. If Session Scope variable was already initialized - it checks if Data Control variable is empty. In case of empty Data Control variable - user is accessing application within the same session from another browser tab - access will be restricted.

1 comment:

Anonymous said...

I have a requirement where in tab1 of pannel tabbed should call TF1 nd tab2 shd call TF2. Each of the task flows has a .jsff page which inturn has a method call which is invoked by a bean class. Both the .jsff method call r invoked from seperate bean class.
Whn im running the app, instead of a particular bean class both the bean classes r being called. I just want one bean class to be called. Any suggestions!! (What logic shd i write in bean class so tht only one class is invoked whn a particular tab is pressed)