struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "BetBasoo, Peter" <pbetba...@mesirowfinancial.com>
Subject RE: Session Expired Interceptor
Date Sun, 13 Jan 2013 19:20:48 GMT
Chris:

The javascript is expecting the result in XML format, not a jsp page.

Isn't the interceptor supposed to redirect to expiredSession.jsp? In other words, isn't the
ajax call that initiated this nullified because the interceptor returns "loginRequired"?

That's the whole point of this global interceptor. If the session has expired, the user should
be redirected to expiredSession.jsp, regardless of the call's origin.

For example, the action I have defined below, getClientAccounts, is an ajax call. If the session
has expired and the user clicks on the link that initiates this call, the user should be taken
to expiredSession.jsp.

Do I have to configure the result for "loginRequired" in this call? If so, I would have to
do it for all of the ajax calls, so what would be the point of the global interceptor?

What am I doing wrong?

-----Original Message-----
From: Chris Pratt [mailto:thechrispratt@gmail.com]
Sent: Saturday, January 12, 2013 11:27 PM
To: Struts Users Mailing List
Subject: Re: Session Expired Interceptor

Well, the action handler for step 6 hasn't been defined in struts.xml, so it will use the
struts default action handler, which simply returns SUCCESS.  That will trigger the JSP processor
to process the /expiredSession.jsp and return it to the AJAX client, is that what the javascript
handler is expecting?
  (*Chris*)



On Sat, Jan 12, 2013 at 6:05 PM, BetBasoo, Peter < pbetbasoo@mesirowfinancial.com> wrote:

> Chris:
>
> Thanks for your help. You touched on two key points.
>
> The login procedure is ajax driven and processing a successful login
> (i.e., moving to the next page) is handled on the client side.
>
> Regarding point 6, this is in fact an ajax request. The action handler
> returns NONE. There are no results defined for the ajax action
> (getClientAccounts). The client side (javascript) handler for this
> request does not process loginRequired because I thought that it would
> never get to that point because of the interceptor. Is this a valid assumption?
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 4:19 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> That looks right to me (except for the fact that if the user logs in
> there are no results for getClientAccounts).
>
>
>    1. What should be happening is that Struts runs the interceptor stack,
>    finding your expiredSessionInterceptor first
>    2. When it runs it, it finds that the user is not logged in and returns
>    "loginRequired"
>    3. Struts looks in the action definition in struts.xml for a <result
>    name="loginRequired"> and doesn't find one
>    4. Struts then looks at the global results for <result
>    name="loginRequired"> and finds a match
>    5. It should then send a redirect to the browser specifying the URL for
>    the "loginRequired" action
>    6. At that point, since there is no action class assigned, the
>    "/expiredSession.jsp" file would be processed and returned to the
> browser
>    (of course if this is an AJAX request, the JavaScript better be
> expecting
>    whatever this .jsp file contains).
>
> but from your messages I'm assuming this is not what you're seeing.
> You can either step through the process in the debugger and make sure
> things are happening in that order, or (what I would probably do) put
> log statements at each of those places (at the very least) and make
> sure I'm seeing those events logged in the proper order.  Sorry, I
> can't be more helpful than that.
>
>   (*Chris*)
>
>
> On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > Yes, here's struts.xml with one ajax action (getClientAccounts).
> > This action is executed when called even though the interceptor
> > returns "loginRequired"
> >
> > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> >     "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> >     "http://struts.apache.org/dtds/struts-2.0.dtd">
> >
> > <struts>
> >
> >         <constant name="struts.devMode" value="true" />
> >
> >         <package name="basicstruts2" extends="struts-default">
> >
> >                 <interceptors>
> >                         <interceptor name="expiredSessionInterceptor"
> > class="mesirow.struts.ExpiredSessionInterceptor" />
> >                         <interceptor-stack name="sessionExpirationStack">
> >                                 <interceptor-ref
> > name="expiredSessionInterceptor">
> >                                         <param
> >
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogi
> n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> >                                 </interceptor-ref>
> >                                 <interceptor-ref name="defaultStack"/>
> >                         </interceptor-stack>
> >                 </interceptors>
> >
> >                 <default-interceptor-ref name="sessionExpirationStack"
> > />
> >
> >                 <global-results>
> >                         <result type="redirectAction"
> > name="loginRequired">loginRequired</result>
> >                 </global-results>
> >
> >                 <action name="loginRequired">
> >                         <result>/expiredSession.jsp</result>
> >                 </action>
> >
> >                 <action name="getClientAccounts"
> > class="mesirow.action.AccountActions"
> method="getClientAccounts"></action>
> >         </package>
> >
> > </struts>
> >
> > -----Original Message-----
> > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > Sent: Saturday, January 12, 2013 3:11 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > So you now have this in your struts.xml?
> >
> > <global-results>
> >     <result name="loginRequired"
> > type="redirectAction">loginRequired</result>
> > </global-results>
> >
> >   (*Chris*)
> >
> >
> >
> > On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> > pbetbasoo@mesirowfinancial.com> wrote:
> >
> > > I did put redirectAction action in, it's still not working. The
> > > web page expiredSession.jsp  is not being shown and there is no
> > > indication of an error having occurred.
> > >
> > > When I try this, I observe that the action that initiated the call
> > > is still being called, even though the interceptor returns the
> > > loginRequired result.
> > >
> > > Any ideas?
> > >
> > > -----Original Message-----
> > > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > > Sent: Friday, January 11, 2013 9:27 PM
> > > To: Struts Users Mailing List
> > > Subject: RE: Session Expired Interceptor
> > >
> > > You are missing the redirectAction. Use something like this:
> > >
> > > <result name="programming"
> > > type="redirectAction">programming</result>
> > >
> > > In your case it would be:
> > >
> > >   <result name="loginRequired"
> > > type="redirectAction">loginRequired</result>
> > >
> > > Regards,
> > > Ajay Mahendru
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Dave Newton [mailto:davelnewton@gmail.com]
> > > Sent: Friday, January 11, 2013 8:23 PM
> > > To: Struts Users Mailing List
> > > Subject: Re: Session Expired Interceptor
> > >
> > > I'm actually surprised it's not erroring out since the global
> > > result should be a redirectAction since you're not forwarding to a JSP.
> > >
> > > Dave
> > >
> > > (On mobile device, please forgive typos, bizarre autocompletes,
> > > and
> > > top-
> > > quoting.)
> > >  On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > > pbetbasoo@mesirowfinancial.com>
> > > wrote:
> > >
> > > > I have written a simple interceptor to check for an expired session.
> > > > Here's the code:
> > > >
> > > > public class ExpiredSessionInterceptor extends
> > > > AbstractInterceptor implements Constants {
> > > >       private static final long serialVersionUID = 1L;
> > > >       private String excludeActions = "";
> > > >
> > > >       public synchronized String intercept(ActionInvocation
> > > > invocation) throws Exception
> > > >       {
> > > >             Map<String, Object> session =
> > > > invocation.getInvocationContext().getSession();
> > > >             String actionName =
> invocation.getProxy().getActionName();
> > > >             if (excludeActions.indexOf(actionName) != -1) return
> > > > invocation.invoke();
> > > >
> > > >             UserInfo userInfo = (UserInfo)
> session.get(Attr_UserInfo);
> > > >             if (userInfo == null)
> > > >             {
> > > >                   return "loginRequired";
> > > >             }
> > > >
> > > >             return invocation.invoke();
> > > >       }
> > > >
> > > >       public void setExcludeActions(String values)
> > > >       {
> > > >             excludeActions = values;
> > > >       }
> > > > }
> > > >
> > > > And here's struts.xml
> > > >
> > > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > >     "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > >     "http://struts.apache.org/dtds/struts-2.0.dtd">
> > > >
> > > > <struts>
> > > >
> > > >       <constant name="struts.devMode" value="true" />
> > > >
> > > >       <package name="basicstruts2" extends="struts-default">
> > > >
> > > >             <interceptors>
> > > >                   <interceptor name="expiredSessionInterceptor"
> > > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > >                   <interceptor-stack name="sessionExpirationStack">
> > > >                         <interceptor-ref
> > > name="expiredSessionInterceptor">
> > > >                               <param
> > > >
> > > name="excludeActions">login,logout,index,certLogin.jsp,condo,condo
> > > Lo gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > >                         </interceptor-ref>
> > > >                         <interceptor-ref name="defaultStack"/>
> > > >                   </interceptor-stack>
> > > >             </interceptors>
> > > >
> > > >             <default-interceptor-ref name="sessionExpirationStack"
> > > > />
> > > >
> > > >       <global-results>
> > > >                   <result name="loginRequired">loginRequired</result>
> > > >             </global-results>
> > > >
> > > >             <action name="loginRequired">
> > > >                   <result>/expiredSession.jsp</result>
> > > >             </action>
> > > >
> > > >       </package>
> > > >
> > > > </struts>
> > > >
> > > > I have traced into this code and it is correctly returning
> > > "loginRequired"
> > > > when the user is not logged in. The problem is, the
> > > > expiredSession.jsp is not being shown.
> > > >
> > > > This app is entirely driven by ajax calls that return NONE from
> > > > their struts action handlers.
> > > >
> > > > What I observe is that instead of showing the
> > > > expiredSession.jsp, the ajax call goes through to its action
> > > > handler (and fails). Why is the action handler for an ajax call
> > > > being called when I am returning
> > > "loginRequired"?
> > > >
> > > >
> > > > Visit us on the Web at mesirowfinancial.com
> > > >
> > > > This communication may contain privileged and/or confidential
> > > information.
> > > > It is intended solely for the use of the addressee. If you are
> > > > not the intended recipient, you are strictly prohibited from
> > > > disclosing, copying, distributing or using any of this
> > > > information. If you received this communication in error, please
> > > > contact the sender immediately and destroy the material in its
> > > > entirety, whether electronic
> > > or hard copy.
> > > > Confidential, proprietary or time-sensitive communications
> > > > should not be transmitted via the Internet, as there can be no
> > > > assurance of actual or timely delivery, receipt and/or
> > > > confidentiality. This is not an offer, or solicitation of any
> > > > offer to buy or sell any security, investment or other product.
> > > >
> > >
> > > ------------------------------------------------------------------
> > > --
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from
> > > disclosing, copying, distributing or using any of this
> > > information. If you received this communication in error, please
> > > contact the sender immediately and destroy the material in its
> > > entirety, whether electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance
> > > of actual or timely delivery, receipt and/or confidentiality. This
> > > is not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> > >
> > > ------------------------------------------------------------------
> > > --
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not
> > the intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether
> > electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should
> > not be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is
> > not an offer, or solicitation of any offer to buy or sell any
> > security, investment or other product.
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Visit us on the Web at mesirowfinancial.com

This communication may contain privileged and/or confidential information. It is intended
solely for the use of the addressee. If you are not the intended recipient, you are strictly
prohibited from disclosing, copying, distributing or using any of this information. If you
received this communication in error, please contact the sender immediately and destroy the
material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive
communications should not be transmitted via the Internet, as there can be no assurance of
actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation
of any offer to buy or sell any security, investment or other product.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message