tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Mattox" <>
Subject RE: How to make Tomcat reread user's role from database
Date Thu, 10 Jul 2003 15:50:41 GMT
> If it works as expected, then (Michael M) what you might consider is on
> the servlet that 'upgrades' the user from trial to 'not trial'
> invalidate the session, and redirect to a protected page. This would
> make the container authenticate the user again, meaning the user would
> need to login again, but at least they would be kicked out of their old
> role.

I should have given some more details, because it is more complicated than
that.  My subscription form actually POSTS to the WorldPay server and the
user enters their credit card.  The WorldPayServer then sends me an HTTP
Post to a Struts action with the data saying the transaction was successful,
and I update the database to change the user's role from trial to gold for
example.  Since this database change is done in another thread, I don't have
access to invalidate the user's session.

Here's what I've done so far:

I've customized the page WordPay returns to the user saying the payment is
successful.  I've added a link back to our site, but the link actually logs
them out and redirects them to the homepage.  From there they log in again.
I will probably make it even more user friend by inserting a page that says
they need to login again.  This seems to be working.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message