struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From olgt <>
Subject struts action url mapping and container managed authorization
Date Wed, 28 Apr 2004 14:16:51 GMT
Greetings to all -

I need to have a number of authentication/registration
related actions to be available w/out container
managed authentication. The problem is that
ActionServlet can only have one mapping: 

5.4.2 Configure the Action Servlet Mapping WARNING -
Struts will not operate correctly if you define more
than one <servlet-mapping> element for the controller

I use extension mapping since according to 5.4.2
Configure the Action Servlet Mapping: WARNING - If you
are using the new module support in Struts 1.1, you
should be aware that only extension mapping is

So, in web.xml I have this:


Do I have to now enumerate all of the secured actions
here (instead of "*.do") in order to 'open' a few
login/registration related ones ? What is the best
practice to deal with this issue ?

Any ideas are greatly appreciated.

Note. Here is what I've tried in the past. I've
created a new servlet and gave it a special mapping.
This servlet gets a reference to the struts action
servlet as

ActionServlet actionServlet =

and then calls doGet/doPost on it. This way I can use
multiple url mappings for the struts actions. 

This approach helped to get access to the actions
outside of the struts framework (straight html

However, there is a  problem with this approach. 

If I map my proxy servlet using prefix mapping as

then html:form tag 
 <html:form action="/authenticate.public">
will resolve into
 <form name="loginForm" method="post"     
which will cause the container authorization check

If I map my proxy servlet using extension mapping as

then html:form tag 
 <html:form action="/authenticate.public">
will cause the exception: 
 Cannot retrieve mapping for action /authenticate

Do you Yahoo!?
Win a $20,000 Career Makeover at Yahoo! HotJobs 

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message