1.17 Site Maintenance Application

1.17.1 Basic Procedure

Occasionally, you will need to shut down your site for maintenance. To display a "Site is under maintenance" page for some users but allow access to users with the correct permissions, add the following line to the <properties> element in the core.xml file:

<app-jsp-path>maintenance_application.jsp</app-jsp-path>

Users who do not have the permission "maintenance user" ("<permission name="maintenance.user" />") will not be able to access the site. The server will not need to be restarted. Users currently logged in will not be logged out and will continue to have access to the site. Once the application is in use, any user that does not have the correct permissions will be denied access to the site.

You can also use the <login-jsp-path> element to set an alternate login .jsp file that will alert users that the site is under maintenance and that a login attempt will fail if the user does not have special authorization. To do this, add the following line to the <properties> element in the core.xml file:

<login-jsp-path>maintenance_login.jsp</app-jsp-path>

1.17.2 Custom Procedure

You may want to create a custom .jsp solution to deal with site maintenance times. To do this, use the following guidelines to create a file that will replace the normal application .jsp.

The following imports will be required:

 <%@ page import="com.cri.security.server.*" %>
 <%@ page import="java.security.*" %>
 <&@ page import="java.util.*" %>
 <%@ page import="javax.servlet.*" &>

Once you have the required imports, the following code in that same .jsp will then authenticate a user:

 <%
   boolean isAuthorized = false;
	ViewpointUser user = SecurityService.get().authenticate(request);
  	Permissions permissions = user.getPermissions();
	List<Permission> permissionsList = Collections.list(permissions.elements());
	for (Permission permission : permissionsList ) {
		  // In the following line, match the quoted text with any permission to have that permission
		  // be the permission used to allow the user into the site.
		  if ("maintenance.user".equals(permission.getName())) {
           isAuthorized = true;
		  }
   }
	if (!isAuthorized) {
		  //  If the user has the correct permission, display the normal login page
		  //  If the user does not have the correct permission, display the "under construction" page.
			%>  <jsp:forward page="maintenance.jsp" /> <%
	}
 %>

This code can be customized further to forward the user to any location the administrator desires based on the <jsp:forward page="targetPage.jsp> element.