struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nils-Helge Garli Hegvik <nil...@gmail.com>
Subject Re: Problem with LoginInterceptor
Date Mon, 20 Jul 2009 10:01:35 GMT
You need to include one of the framework interceptor stacks (e.g
"defaultStack") in your "defaultLoginStack" stack. As you have
configured it, your interceptor is the only one that is being
executed, so none of the framework "magic" gets applied.

Nils-H

On Mon, Jul 20, 2009 at 10:09 AM, mathias-ewald<nitehoaxxer@gmx.net> wrote:
>
> Hi,
>
> recently I was told using Interceptors was better than using a BaseAction
> object performing the login process. I agree. Still I have some trouble:
>
> This is what happens: I have a JSP that creates a button liked with another
> action:
>
> AgencyDetails.jsp
> ---------------------------------
> ...
> <s:url id="url" value="/rating/Rate">
>        <s:param name="staffResourceId"><s:property value="staffResource.id"
> /></s:param>
> </s:url>
> <s:a href="%{url}"><button>Place Rating!</button></s:a><br>
> ...
> ---------------------------------
>
> This is the struts.xml configuration for that Action:
>
> rating.xml
> ---------------------------------
> <package name="rating" namespace="/rating" extends="default">
>        <default-interceptor-ref name="defaultLoginStack" />
>        <action name="Rate"
> class="de.mathiasewald.projektseminar.action.rating.Rate">
>                <result>
>                        /rating/Rate.jsp
>                </result>
>        </action>
> </package>
> ---------------------------------
>
> This is the inteceptor stack in struts.xml
>
> ---------------------------------
> <interceptors>
>    <interceptor name="login"
> class="de.mathiasewald.projektseminar.interceptor.LoginInterceptor">
>
>    </interceptor>
>    <interceptor-stack name="defaultLoginStack">
>        <interceptor-ref name="login" />
>    </interceptor-stack>
> </interceptors>
> ---------------------------------
>
> and finally the LoginInterceptor.java
>
> ---------------------------------
> public class LoginInterceptor extends AbstractInterceptor implements
> StrutsStatics {
>
>        /**
>         *
>         */
>        private static final long serialVersionUID = -6647897949084333127L;
>
>
>        private LoginManager loginManager = new LoginManager();
>
>        private static final Log log = LogFactory.getLog(LoginInterceptor.class);
>
>        private static final String USER_HANDLE = "QUADRAN_USER_SESSSION_HANDLE";
>        private static final String LOGIN_ATTEMPT = "QUADRAN_LOGIN_ATTEMPT";
>        private static final String USERNAME = "QUADRAN_USERNAME";
>        private static final String PASSWORD = "QUADRAN_PASSWORD";
>
>
>
>        public void init () {
>                log.info ("Intializing LoginInterceptor");
>        }
>
>        public void destroy () {}
>
>        public String intercept (ActionInvocation invocation) throws Exception {
>                // Get the action context from the invocation so we can access
the
>                // HttpServletRequest and HttpSession objects.
>                final ActionContext context = invocation.getInvocationContext
();
>                HttpServletRequest request = (HttpServletRequest)
> context.get(HTTP_REQUEST);
>                HttpSession session =  request.getSession (true);
>
>                // Is there a "user" object stored in the user's HttpSession?
>                Object user = session.getAttribute (USER_HANDLE);
>                if (user == null) {
>                        // The user has not logged in yet.
>
>                        // Is the user attempting to log in right now?
>                        String loginAttempt = request.getParameter (LOGIN_ATTEMPT);
>                        if (loginAttempt != null && loginAttempt.trim().length()
> 0) { // The
> user is attempting to log in.
>
>                                log.info("User tries to log in - processing
attempt...");
>
>                                // Process the user's login attempt.
>                                if (processLoginAttempt (request, session)
) {
>                                        // The login succeeded send
them the login-success page.
>                                        log.info("User " + loginAttempt
+ " logged in successfully.");
>                                        return invocation.invoke ();
>                                } else {
>                                        // The login failed. Set an
error if we can on the action.
>                                        log.info("Error authenticating
user " + loginAttempt);
>                                        Object action = invocation.getAction
();
>                                        if (action instanceof com.opensymphony.xwork2.ValidationAware)
{
>                                                ((com.opensymphony.xwork2.ValidationAware)
action).addActionError
> ("Username or password incorrect.");
>                                        }
>                                }
>                        }
>
>                        // Either the login attempt failed or the user hasn't
tried to login yet,
>                        // and we need to send the login form.
>                        return "login";
>                } else {
>                        return invocation.invoke ();
>                }
>        }
>
>        /**
>         * Attempt to process the user's login attempt delegating the work to the
>         * SecurityManager.
>         */
>        public boolean processLoginAttempt (HttpServletRequest request, HttpSession
> session) {
>                // Get the username and password submitted by the user from the
> HttpRequest.
>                String username = request.getParameter (USERNAME);
>                String password = request.getParameter (PASSWORD);
>
>                // Use the security manager to validate the user's username and
password.
>                Object user = loginManager.login(username, password);
>
>                if (user != null) {
>                        // The user has successfully logged in. Store their
user object in
>                        // their HttpSession. Then return true.
>                        session.setAttribute (USER_HANDLE, user);
>                        return true;
>                } else {
>                        // The user did not successfully log in. Return false.
>                        return false;
>                }
>        }
>
> }
> ---------------------------------
>
> Clicking the button I showed ealier, the Rate action is invoked and
> intercepted by LoginInterceptor. As you can see the Action gets a parameter
> "staffResourceId". As I click it the login page shows up and the address bar
> of my browser tells
> "http://localhost:8080/projektseminar/rating/Rate?staffResourceId=1".
> Next, I enter my login credentials, the log tells me I was logged in
> successfully, the browser address bar says
> "http://localhost:8080/projektseminar/rating/Rate" and the log messages from
> the Rate action say that there was no staffResourceId parameter set.
>
> Why is that?
>
> cu
> mathias
> --
> View this message in context: http://www.nabble.com/Problem-with-LoginInterceptor-tp24565562p24565562.html
> Sent from the Struts - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message