struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "BetBasoo, Peter" <pbetba...@mesirowfinancial.com>
Subject RE: Session Expired Interceptor
Date Sun, 13 Jan 2013 02:05:07 GMT
Chris:

Thanks for your help. You touched on two key points.

The login procedure is ajax driven and processing a successful login (i.e., moving to the
next page) is handled on the client side.

Regarding point 6, this is in fact an ajax request. The action handler returns NONE. There
are no results defined for the ajax action (getClientAccounts). The client side (javascript)
handler for this request does not process loginRequired because I thought that it would never
get to that point because of the interceptor. Is this a valid assumption?

-----Original Message-----
From: Chris Pratt [mailto:thechrispratt@gmail.com]
Sent: Saturday, January 12, 2013 4:19 PM
To: Struts Users Mailing List
Subject: Re: Session Expired Interceptor

That looks right to me (except for the fact that if the user logs in there are no results
for getClientAccounts).


   1. What should be happening is that Struts runs the interceptor stack,
   finding your expiredSessionInterceptor first
   2. When it runs it, it finds that the user is not logged in and returns
   "loginRequired"
   3. Struts looks in the action definition in struts.xml for a <result
   name="loginRequired"> and doesn't find one
   4. Struts then looks at the global results for <result
   name="loginRequired"> and finds a match
   5. It should then send a redirect to the browser specifying the URL for
   the "loginRequired" action
   6. At that point, since there is no action class assigned, the
   "/expiredSession.jsp" file would be processed and returned to the browser
   (of course if this is an AJAX request, the JavaScript better be expecting
   whatever this .jsp file contains).

but from your messages I'm assuming this is not what you're seeing.  You can either step through
the process in the debugger and make sure things are happening in that order, or (what I would
probably do) put log statements at each of those places (at the very least) and make sure
I'm seeing those events logged in the proper order.  Sorry, I can't be more helpful than that.

  (*Chris*)


On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter < pbetbasoo@mesirowfinancial.com> wrote:

> Yes, here's struts.xml with one ajax action (getClientAccounts). This
> action is executed when called even though the interceptor returns
> "loginRequired"
>
> <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
>     "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
>     "http://struts.apache.org/dtds/struts-2.0.dtd">
>
> <struts>
>
>         <constant name="struts.devMode" value="true" />
>
>         <package name="basicstruts2" extends="struts-default">
>
>                 <interceptors>
>                         <interceptor name="expiredSessionInterceptor"
> class="mesirow.struts.ExpiredSessionInterceptor" />
>                         <interceptor-stack name="sessionExpirationStack">
>                                 <interceptor-ref
> name="expiredSessionInterceptor">
>                                         <param
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
>                                 </interceptor-ref>
>                                 <interceptor-ref name="defaultStack"/>
>                         </interceptor-stack>
>                 </interceptors>
>
>                 <default-interceptor-ref name="sessionExpirationStack"
> />
>
>                 <global-results>
>                         <result type="redirectAction"
> name="loginRequired">loginRequired</result>
>                 </global-results>
>
>                 <action name="loginRequired">
>                         <result>/expiredSession.jsp</result>
>                 </action>
>
>                 <action name="getClientAccounts"
> class="mesirow.action.AccountActions" method="getClientAccounts"></action>
>         </package>
>
> </struts>
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 3:11 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> So you now have this in your struts.xml?
>
> <global-results>
>     <result name="loginRequired"
> type="redirectAction">loginRequired</result>
> </global-results>
>
>   (*Chris*)
>
>
>
> On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > I did put redirectAction action in, it's still not working. The web
> > page expiredSession.jsp  is not being shown and there is no
> > indication of an error having occurred.
> >
> > When I try this, I observe that the action that initiated the call
> > is still being called, even though the interceptor returns the
> > loginRequired result.
> >
> > Any ideas?
> >
> > -----Original Message-----
> > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > Sent: Friday, January 11, 2013 9:27 PM
> > To: Struts Users Mailing List
> > Subject: RE: Session Expired Interceptor
> >
> > You are missing the redirectAction. Use something like this:
> >
> > <result name="programming"
> > type="redirectAction">programming</result>
> >
> > In your case it would be:
> >
> >   <result name="loginRequired"
> > type="redirectAction">loginRequired</result>
> >
> > Regards,
> > Ajay Mahendru
> >
> >
> >
> > -----Original Message-----
> > From: Dave Newton [mailto:davelnewton@gmail.com]
> > Sent: Friday, January 11, 2013 8:23 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > I'm actually surprised it's not erroring out since the global result
> > should be a redirectAction since you're not forwarding to a JSP.
> >
> > Dave
> >
> > (On mobile device, please forgive typos, bizarre autocompletes, and
> > top-
> > quoting.)
> >  On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > pbetbasoo@mesirowfinancial.com>
> > wrote:
> >
> > > I have written a simple interceptor to check for an expired session.
> > > Here's the code:
> > >
> > > public class ExpiredSessionInterceptor extends AbstractInterceptor
> > > implements Constants {
> > >       private static final long serialVersionUID = 1L;
> > >       private String excludeActions = "";
> > >
> > >       public synchronized String intercept(ActionInvocation
> > > invocation) throws Exception
> > >       {
> > >             Map<String, Object> session =
> > > invocation.getInvocationContext().getSession();
> > >             String actionName = invocation.getProxy().getActionName();
> > >             if (excludeActions.indexOf(actionName) != -1) return
> > > invocation.invoke();
> > >
> > >             UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
> > >             if (userInfo == null)
> > >             {
> > >                   return "loginRequired";
> > >             }
> > >
> > >             return invocation.invoke();
> > >       }
> > >
> > >       public void setExcludeActions(String values)
> > >       {
> > >             excludeActions = values;
> > >       }
> > > }
> > >
> > > And here's struts.xml
> > >
> > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > >     "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > >     "http://struts.apache.org/dtds/struts-2.0.dtd">
> > >
> > > <struts>
> > >
> > >       <constant name="struts.devMode" value="true" />
> > >
> > >       <package name="basicstruts2" extends="struts-default">
> > >
> > >             <interceptors>
> > >                   <interceptor name="expiredSessionInterceptor"
> > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > >                   <interceptor-stack name="sessionExpirationStack">
> > >                         <interceptor-ref
> > name="expiredSessionInterceptor">
> > >                               <param
> > >
> > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLo
> > gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > >                         </interceptor-ref>
> > >                         <interceptor-ref name="defaultStack"/>
> > >                   </interceptor-stack>
> > >             </interceptors>
> > >
> > >             <default-interceptor-ref name="sessionExpirationStack"
> > > />
> > >
> > >       <global-results>
> > >                   <result name="loginRequired">loginRequired</result>
> > >             </global-results>
> > >
> > >             <action name="loginRequired">
> > >                   <result>/expiredSession.jsp</result>
> > >             </action>
> > >
> > >       </package>
> > >
> > > </struts>
> > >
> > > I have traced into this code and it is correctly returning
> > "loginRequired"
> > > when the user is not logged in. The problem is, the
> > > expiredSession.jsp is not being shown.
> > >
> > > This app is entirely driven by ajax calls that return NONE from
> > > their struts action handlers.
> > >
> > > What I observe is that instead of showing the expiredSession.jsp,
> > > the ajax call goes through to its action handler (and fails). Why
> > > is the action handler for an ajax call being called when I am
> > > returning
> > "loginRequired"?
> > >
> > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from
> > > disclosing, copying, distributing or using any of this
> > > information. If you received this communication in error, please
> > > contact the sender immediately and destroy the material in its
> > > entirety, whether electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance
> > > of actual or timely delivery, receipt and/or confidentiality. This
> > > is not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not
> > the intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether
> > electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should
> > not be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is
> > not an offer, or solicitation of any offer to buy or sell any
> > security, investment or other product.
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Visit us on the Web at mesirowfinancial.com

This communication may contain privileged and/or confidential information. It is intended
solely for the use of the addressee. If you are not the intended recipient, you are strictly
prohibited from disclosing, copying, distributing or using any of this information. If you
received this communication in error, please contact the sender immediately and destroy the
material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive
communications should not be transmitted via the Internet, as there can be no assurance of
actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation
of any offer to buy or sell any security, investment or other product.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message