struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Newton <davelnew...@gmail.com>
Subject Re: Form handling by direct URL in Struts 1.3.8
Date Wed, 13 Jun 2012 16:19:21 GMT
Sure, redirect any request without a user info object to the login page.

Dave

(pardon brevity and typos, on cell)
On Jun 13, 2012 12:16 PM, "Anjib Mulepati" <anjibcs@hotmail.com> wrote:

> i know that. My question was how we handle such direct URL. Like in this
> case. Is there any mechanism to prevent?
>
> On 6/13/2012 12:07 PM, Jason Zheng wrote:
>
>> That's the problem, when you type the URL directly, the
>> LoginSubmitAction.execute() method will not be invoked, so the 'userinfo'
>> is not exits in any scope.
>>
>> On Wed, Jun 13, 2012 at 11:58 PM, Anjib Mulepati<anjibcs@hotmail.com>**
>> wrote:
>>
>>  User info is put into session after they log in so its in
>>> LoginSubmitAction class.
>>>
>>> public class LoginSubmitAction extends org.apache.struts.action.****Action
>>> {
>>>
>>>    private static final String ERROR = "errorFront";
>>>
>>>
>>>    private static final String SUCCESS = "success";
>>>
>>>    private static Log log = LogFactory.getLog("****LoginSubmitAction");
>>>
>>>
>>>     @Override
>>>    public ActionForward execute(ActionMapping mapping, ActionForm form,
>>>            HttpServletRequest request, HttpServletResponse response)
>>>            throws Exception {
>>>
>>>        LoginForm loginForm = (LoginForm) form;
>>>        String forwardPath = (String) request.getSession().**
>>> getAttribute("forwardPath");
>>>        String userName = loginForm.getUserName().****toLowerCase();
>>>        String passWord = loginForm.getPassword();
>>>        UserInfo userInfo = new UserInfo();
>>>
>>>        ActionForward objAxFrwd = null;
>>>        try {
>>>            /* Authenticate user */
>>>
>>>            UserDelegate userDelegate = new UserDelegate(userName, null);
>>>            userDelegate.validateUser(****userName, passWord);
>>>            log.info("User authenticated: " + userName);
>>>
>>>            /* Get user profile and store in beans then to session
>>> variable
>>> */
>>>            UserProfileInfo userProfileInfo =
>>> userDelegate.getUserProfile(*
>>> *userName);
>>>            userInfo.setUserName(****userProfileInfo.getUserName())****;
>>> //Currently username is same as email address.
>>>            userInfo.setPassword(passWord)****;
>>>            userInfo.setFirstName(****userProfileInfo.getFirstName()**
>>> **);
>>>            userInfo.setLastName(****userProfileInfo.getLastName())****;
>>>            userInfo.setEmail(****userProfileInfo.getEmail());
>>>            userInfo.setPhone(****userProfileInfo.getPhone());
>>>
>>>
>>>
>>>        } catch (BusinessDelegateException e) {
>>>            /* User not authenticated */
>>>            log.error(e.getErrorCode() + ": User not authenticated: " +
>>> userName);
>>>
>>>            ActionErrors errors = new ActionErrors();
>>>            errors.add("error", new ActionMessage(e.getMessage(), false));
>>>            this.saveErrors(request, errors);
>>>            return mapping.findForward(ERROR);
>>>        } catch (org.apache.cxf.binding.soap.****SoapFault s){
>>>            log.error(s);
>>>            return mapping.findForward(ERROR);
>>>        }
>>>
>>>        /* Forward control to the specified success URI */
>>>        if (forwardPath != null) {
>>>            objAxFrwd = new ActionForward(forwardPath);
>>>        } else {
>>>            objAxFrwd = mapping.findForward(SUCCESS);
>>>        }
>>>        request.getSession().****setAttribute("userInfo", userInfo);
>>>        request.getSession().****setAttribute("userName", userName);
>>>        return objAxFrwd;
>>>
>>>    }
>>> }
>>> On 6/13/2012 11:51 AM, Dave Newton wrote:
>>>
>>>  I don't see anything that puts a user info into session (or request, I
>>>> forgot where it was), so it makes sense the JSP would fail.
>>>>
>>>> [OT] In the future, consider removing useless, empty comments so people
>>>> trying to help have less work to do :)
>>>>
>>>> Dave
>>>>
>>>> On Wed, Jun 13, 2012 at 11:43 AM, Anjib Mulepati<anjibcs@hotmail.com>**
>>>> **
>>>> wrote:
>>>>
>>>>  1. Base Class
>>>>
>>>>> public abstract class BaseAction extends org.apache.struts.action.****
>>>>> Action
>>>>> {
>>>>>
>>>>>    private static Log log = LogFactory.getLog("BaseAction"******);
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @param mapping
>>>>>     * @param form
>>>>>     * @param request
>>>>>     * @param response
>>>>>     * @return
>>>>>     * @throws IOException
>>>>>     * @throws ServletException
>>>>>     * @throws BusinessDelegateException
>>>>>     */
>>>>>    @Override
>>>>>    public ActionForward execute(ActionMapping mapping, ActionForm form,
>>>>>            HttpServletRequest request, HttpServletResponse response)
>>>>>            throws IOException, ServletException,
>>>>> BusinessDelegateException
>>>>> {
>>>>>
>>>>>        if (!this.userIsLoggedIn(request)******) {
>>>>>            ActionErrors errors = new ActionErrors();
>>>>>            errors.add("error", new ActionMessage("error.**
>>>>> userNotLoggedIn"));
>>>>>            this.saveErrors(request, errors);
>>>>>            String url = request.getServletPath() + "?" +
>>>>> request.getQueryString();
>>>>>            request.getSession().******setAttribute("forwardPath",
>>>>> url);
>>>>>            return mapping.findForward("******sessionEnded");
>>>>>        }
>>>>>        return executeAction(mapping, form, request, response);
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @param mapping
>>>>>     * @param form
>>>>>     * @param request
>>>>>     * @param response
>>>>>     * @return
>>>>>     * @throws IOException
>>>>>     * @throws ServletException
>>>>>     */
>>>>>    protected abstract ActionForward executeAction(ActionMapping
>>>>> mapping,
>>>>>            ActionForm form, HttpServletRequest request,
>>>>>            HttpServletResponse response)
>>>>>            throws IOException, ServletException;
>>>>>
>>>>>    private boolean userIsLoggedIn(******HttpServletRequest request) {
>>>>>        UserInfo userInfo = (UserInfo) request.getSession().**
>>>>> getAttribute("userInfo");
>>>>>        String userName = null;
>>>>>        try{
>>>>>            userName = userInfo.getUserName();
>>>>>        } catch (NullPointerException ex) {
>>>>>            log.error("User hasn't logged in yet.");
>>>>>            return false;
>>>>>        }
>>>>>
>>>>>        if ( userName == null) {
>>>>>            return false;
>>>>>        }
>>>>>        return true;
>>>>>    }
>>>>> }
>>>>>
>>>>> 2. Action class
>>>>> public class ChangePasswordAction extends BaseAction {
>>>>>
>>>>>    private static Log log = LogFactory.getLog("****
>>>>> ChangePasswordAction");
>>>>>
>>>>>    private static final String SUCCESS = "success";
>>>>>
>>>>>    private static final String FAILURE = "failure";
>>>>>
>>>>>    @Override
>>>>>    public ActionForward executeAction(ActionMapping mapping, ActionForm
>>>>> form,
>>>>>            HttpServletRequest request, HttpServletResponse response)
>>>>>            throws IOException, ServletException {
>>>>>
>>>>>        ActionErrors errors = new ActionErrors();
>>>>>        ActionMessages messages = new ActionMessages();
>>>>>
>>>>>        ChangePasswordForm changePwdForm = (ChangePasswordForm) form;
>>>>>        String userName = changePwdForm.getUserName();
>>>>>        String oldPassword = changePwdForm.getOldPwd().******trim();
>>>>>        String newPassword = changePwdForm.getPassword().******trim();
>>>>>        UserDelegate userDelegate = new UserDelegate(userName, null);
>>>>>        boolean isPasswordChanged = userDelegate.changePassword(******
>>>>> userName,
>>>>> oldPassword, newPassword);
>>>>>
>>>>>        if (isPasswordChanged) {
>>>>>            messages.add("password", new ActionMessage("msg.**
>>>>> changePasswordSuccess"));
>>>>>            this.saveMessages(request, messages);
>>>>>            log.info("Password changed successfully.");
>>>>>            return mapping.findForward(SUCCESS);
>>>>>        } else {
>>>>>            errors.add("errors", new ActionMessage("msg.**
>>>>> changePasswordError"));
>>>>>            saveErrors(request, errors);
>>>>>            log.error("Password can't be changed");
>>>>>            return mapping.findForward(FAILURE);
>>>>>        }
>>>>>   }
>>>>> }
>>>>>
>>>>> 3. Validation class
>>>>> public class ChangePasswordForm extends ValidatorForm {
>>>>>
>>>>>    private String userName;
>>>>>    private String oldPwd;
>>>>>    private String password;
>>>>>    private String confirmPwd;
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @return
>>>>>     */
>>>>>    public String getPassword() {
>>>>>        return password;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @param password
>>>>>     */
>>>>>    public void setPassword(String password) {
>>>>>        this.password = password;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @return
>>>>>     */
>>>>>    public String getOldPwd() {
>>>>>        return oldPwd;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @param oldPwd
>>>>>     */
>>>>>    public void setOldPwd(String oldPwd) {
>>>>>        this.oldPwd = oldPwd;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @return
>>>>>     */
>>>>>    public String getConfirmPwd() {
>>>>>        return confirmPwd;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @param confirmPwd
>>>>>     */
>>>>>    public void setConfirmPwd(String confirmPwd) {
>>>>>        this.confirmPwd = confirmPwd;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @return
>>>>>     */
>>>>>    public String getUserName() {
>>>>>        return userName;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @param userName
>>>>>     */
>>>>>    public void setUserName(String userName) {
>>>>>        this.userName = userName;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     */
>>>>>    public ChangePasswordForm() {
>>>>>        super();
>>>>>
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     * This is the action called from the Struts framework.
>>>>>     * @param mapping The ActionMapping used to select this instance.
>>>>>     * @param request The HTTP Request we are processing.
>>>>>     * @return set of errors.
>>>>>     */
>>>>>    @Override
>>>>>    public ActionErrors validate(ActionMapping mapping,
>>>>> HttpServletRequest
>>>>> request) {
>>>>>        ActionErrors errors = new ActionErrors();
>>>>>        if(userName.isEmpty()){
>>>>>            errors.add("error", new ActionMessage("error.userName"**
>>>>> ****));
>>>>>        }
>>>>>        if(oldPwd.isEmpty()){
>>>>>            errors.add("error", new ActionMessage("error.****
>>>>> oldPassword"));
>>>>>        }
>>>>>        if(password.isEmpty()){
>>>>>            errors.add("error", new ActionMessage("error.****
>>>>> newPassword"));
>>>>>        }
>>>>>        if(!confirmPwd.equals(******password)){
>>>>>            errors.add("error", new ActionMessage("error.**
>>>>> confirmPassword"));
>>>>>        }
>>>>>        if(userName.equalsIgnoreCase(******password)){
>>>>>            errors.add("error", new ActionMessage("error.**
>>>>> sameAsUsername"));
>>>>>        }
>>>>>        if(oldPwd.equalsIgnoreCase(******password)){
>>>>>            errors.add("error", new ActionMessage("error.****
>>>>> samePassword"));
>>>>>        }
>>>>>        return errors;
>>>>>    }
>>>>>
>>>>>    /**
>>>>>     *
>>>>>     * @param mapping
>>>>>     * @param request
>>>>>     */
>>>>>    @Override
>>>>>    public void reset(ActionMapping mapping, HttpServletRequest
>>>>> request) {
>>>>>        userName = "";
>>>>>        oldPwd = "";
>>>>>        password = "";
>>>>>        confirmPwd = "";
>>>>>    }
>>>>> }
>>>>>
>>>>> On 6/13/2012 11:10 AM, Jason Zheng wrote:
>>>>>
>>>>>  Anjib, would you like to show us the codes in the Action
>>>>>
>>>>>> ChangePasswordAction?
>>>>>>
>>>>>> On Wed, Jun 13, 2012 at 10:58 PM, Dave Newton<davelnewton@gmail.com>
>>>>>>  wrote:
>>>>>>
>>>>>>  Then it's likely you're doing something wrong if you're forwarding
>>>>>> to a
>>>>>>
>>>>>>  page before creating the info that page needs.
>>>>>>>
>>>>>>> Dave
>>>>>>>
>>>>>>> On Wed, Jun 13, 2012 at 10:53 AM, Anjib Mulepati<anjibcs@hotmail.com
>>>>>>>
>>>>>>>  wrote:
>>>>>>>
>>>>>>>> Even though I put validation in ActionForm validate() method
failure
>>>>>>>> will
>>>>>>>> take to changePasswordPage. I do have validation to check
form
>>>>>>>> field.
>>>>>>>>
>>>>>>>>
>>>>>>>> On 6/13/2012 9:17 AM, Dave Newton wrote:
>>>>>>>>
>>>>>>>>  Maybe some sort of validation would be helpful.
>>>>>>>>
>>>>>>>>  Dave
>>>>>>>>>
>>>>>>>>> On Wed, Jun 13, 2012 at 9:03 AM, Anjib Mulepati<
>>>>>>>>> anjibcs@hotmail.com>
>>>>>>>>>  wrote:
>>>>>>>>>
>>>>>>>>>  Hi All,
>>>>>>>>>
>>>>>>>>>  I have question regarding handling form submission by
direct URL
>>>>>>>>> in
>>>>>>>>>
>>>>>>>>>> Struts
>>>>>>>>>> 1.3.8
>>>>>>>>>>
>>>>>>>>>> I have a page to change password which user can access
after they
>>>>>>>>>>
>>>>>>>>>>  login.
>>>>>>>>>>
>>>>>>>>> URL for that page is http://localhost:8080/MyApp/********<http://localhost:8080/MyApp/******>
>>>>>>>> <http://localhost:8080/**MyApp/****<http://localhost:8080/MyApp/****>
>>>>>>>> >
>>>>>>>>
>>>>>>>>  **changepassword.do<http://****localhost:8080/MyApp/******
>>>>>>>>>
>>>>>>>>>> changepassword.do<http://**localhost:8080/MyApp/******
>>>>>>>>>> changepassword.do<http://localhost:8080/MyApp/****changepassword.do>
>>>>>>>>>> >
>>>>>>>>>>  <http://localhost:8080/MyApp/********changepassword.do<http://localhost:8080/MyApp/******changepassword.do>
>>>>>>>>>> <http://**localhost:8080/MyApp/******changepassword.do<http://localhost:8080/MyApp/****changepassword.do>
>>>>>>>>>> >
>>>>>>>>>>
>>>>>>>>> <http://**localhost:8080/**MyApp/****changepassword.do<ht**
>>>>>>>>> tp://localhost:8080/MyApp/****changepassword.do<http://localhost:8080/MyApp/**changepassword.do>
>>>>>>>>> >
>>>>>>>>>
>>>>>>>> <http://**localhost:8080/******MyApp/**changepassword.do<
>>>>>>>>
>>>>>>>>  http://localhost:8080/MyApp/******changepassword.do<http://localhost:8080/MyApp/****changepassword.do>
>>>>>>>>> <http://**localhost:8080/MyApp/****changepassword.do<http://localhost:8080/MyApp/**changepassword.do>
>>>>>>>>> >
>>>>>>>>> <http://**localhost:8080/**MyApp/**changepassword.do<http**
>>>>>>>>> ://localhost:8080/MyApp/**changepassword.do<http://localhost:8080/MyApp/changepassword.do>
>>>>>>>>> >
>>>>>>>>>
>>>>>>>>>> I have action mapping as follow:
>>>>>>>>>> <action path="/changepassword" input="changePasswordPage"
>>>>>>>>>>
>>>>>>>>>>  scope="request"
>>>>>>>>>>
>>>>>>>>>  name="ChangePasswordForm" type="com.anjib.actions.**
>>>>>>>>
>>>>>>>>  ChangePasswordAction">
>>>>>>>>>
>>>>>>>>>> <forward name="success" path="changePasswordPage"
/>
>>>>>>>>>> <forward name="failure" path="changePasswordPage"/>
>>>>>>>>>> </action>
>>>>>>>>>>
>>>>>>>>>> I have tile definition for changePasswordPage which
have page like
>>>>>>>>>>
>>>>>>>>>>  header
>>>>>>>>>>
>>>>>>>>> which display welcome information after user login
>>>>>>>>
>>>>>>>>  <div id="welcome" class="right">
>>>>>>>>>
>>>>>>>>>> <bean:message key="label.welcome" />
>>>>>>>>>> <logic:notEmpty name="userInfo" property="firstName">
>>>>>>>>>>         ${userInfo.firstName}&nbsp;${**********userInfo.lastName}
>>>>>>>>>>
>>>>>>>>>> </logic:notEmpty>
>>>>>>>>>> <logic:empty name="userInfo" property="firstName">
>>>>>>>>>>            ${userInfo.userName}
>>>>>>>>>> </logic:empty>
>>>>>>>>>> </div>
>>>>>>>>>>
>>>>>>>>>> Now everything works fine if we follow normal process:
Login and
>>>>>>>>>> do
>>>>>>>>>> actions. But if someone type URL http://localhost:8080/MyApp/**
>>>>>>>>>> changepassword.do<http://********localhost:8080/MyApp/****
>>>>>>>>>> changepassword.do<
>>>>>>>>>>
>>>>>>>>>>  http://localhost:8080/MyApp/******changepassword.do<http://localhost:8080/MyApp/****changepassword.do>
>>>>>>>>>> <http://**localhost:8080/MyApp/****changepassword.do<http://localhost:8080/MyApp/**changepassword.do>
>>>>>>>>>> >
>>>>>>>>>>
>>>>>>>>> <http://**localhost:8080/**MyApp/**changepassword.do<http**
>>>>>>>>> ://localhost:8080/MyApp/**changepassword.do<http://localhost:8080/MyApp/changepassword.do>
>>>>>>>>> >
>>>>>>>>> directly
>>>>>>>>>
>>>>>>>>>  then I don't get page and I have error in Tomcat log
>>>>>>>>
>>>>>>>>  Caused by: javax.servlet.jsp.**********JspException: Cannot
find
>>>>>>>>> bean:
>>>>>>>>>
>>>>>>>>>> "userInfo"
>>>>>>>>>>
>>>>>>>>>> in any scope
>>>>>>>>>>
>>>>>>>>>> Any help will be appreciated.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>> Anjib
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ------------------------------**********----------------------**
>>>>>>>>>> --**
>>>>>>>>>> --**--**
>>>>>>>>>> --**---------
>>>>>>>>>> To unsubscribe, e-mail: user-unsubscribe@struts.********apac**
>>>>>>>>>> he.org<
>>>>>>>>>>
>>>>>>>>>>  http://apache.org>
>>>>>>>>>>
>>>>>>>>> <user-unsubscribe@**struts.****a**pache.org<http://apache.org**><
>>>>>>>> http://struts.**apache.org<htt**p://struts.apache.org<http://struts.apache.org>
>>>>>>>> >><
>>>>>>>>
>>>>>>>>  user-unsubscribe@struts.****apac**he.org<http://apache.org**><
>>>>>>>>> user-unsubscribe@**struts.**apache.org <http://struts.apache.org><
>>>>>>>>> user-unsubscribe@**struts.apache.org<user-unsubscribe@struts.apache.org>
>>>>>>>>> >
>>>>>>>>>
>>>>>>>> For additional commands, e-mail: user-help@struts.apache.org
>>>>>>>>
>>>>>>>>   ------------------------------********------------------------**
>>>>>>>>>> --**
>>>>>>>>>> --**
>>>>>>>>>>
>>>>>>>>>>  --**---------
>>>>>>>>>
>>>>>>>> To unsubscribe, e-mail: user-unsubscribe@struts.******apac**he.org<
>>>>>>>> http://apache.org**>
>>>>>>>> <
>>>>>>>>
>>>>>>>>  user-unsubscribe@struts.****apac**he.org<http://apache.org**><
>>>>>>>>
>>>>>>> user-unsubscribe@**struts.**apache.org <http://struts.apache.org><
>>>>>>> user-unsubscribe@**struts.apache.org<user-unsubscribe@struts.apache.org>
>>>>>>> >
>>>>>>>
>>>>>>>> For additional commands, e-mail: user-help@struts.apache.org
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>   ------------------------------******--------------------------**
>>>>>> --**
>>>>>>
>>>>> --**---------
>>>>> To unsubscribe, e-mail: user-unsubscribe@struts.****apac**he.org<
>>>>> http://apache.org**>
>>>>> <user-unsubscribe@**struts.**apache.org <http://struts.apache.org><
>>>>> user-unsubscribe@**struts.apache.org<user-unsubscribe@struts.apache.org>
>>>>> >
>>>>> For additional commands, e-mail: user-help@struts.apache.org
>>>>>
>>>>>
>>>>>
>>>>>  ------------------------------****----------------------------**
>>> --**---------
>>> To unsubscribe, e-mail: user-unsubscribe@struts.**apac**he.org<http://apache.org>
>>> <user-unsubscribe@**struts.apache.org<user-unsubscribe@struts.apache.org>
>>> >
>>>
>>> For additional commands, e-mail: user-help@struts.apache.org
>>>
>>>
>>>
>>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: user-unsubscribe@struts.**apache.org<user-unsubscribe@struts.apache.org>
> For additional commands, e-mail: user-help@struts.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message