struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Newton <davelnew...@gmail.com>
Subject Re: Session Expired Interceptor
Date Sat, 12 Jan 2013 03:22:50 GMT
I'm actually surprised it's not erroring out since the global result should
be a redirectAction since you're not forwarding to a JSP.

Dave

(On mobile device, please forgive typos, bizarre autocompletes, and top-
quoting.)
 On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <pbetbasoo@mesirowfinancial.com>
wrote:

> I have written a simple interceptor to check for an expired session.
> Here's the code:
>
> public class ExpiredSessionInterceptor extends AbstractInterceptor
> implements Constants
> {
>       private static final long serialVersionUID = 1L;
>       private String excludeActions = "";
>
>       public synchronized String intercept(ActionInvocation invocation)
> throws Exception
>       {
>             Map<String, Object> session =
> invocation.getInvocationContext().getSession();
>             String actionName = invocation.getProxy().getActionName();
>             if (excludeActions.indexOf(actionName) != -1) return
> invocation.invoke();
>
>             UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
>             if (userInfo == null)
>             {
>                   return "loginRequired";
>             }
>
>             return invocation.invoke();
>       }
>
>       public void setExcludeActions(String values)
>       {
>             excludeActions = values;
>       }
> }
>
> And here's struts.xml
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE struts PUBLIC
>     "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
>     "http://struts.apache.org/dtds/struts-2.0.dtd">
>
> <struts>
>
>       <constant name="struts.devMode" value="true" />
>
>       <package name="basicstruts2" extends="struts-default">
>
>             <interceptors>
>                   <interceptor name="expiredSessionInterceptor"
> class="mesirow.struts.ExpiredSessionInterceptor" />
>                   <interceptor-stack name="sessionExpirationStack">
>                         <interceptor-ref name="expiredSessionInterceptor">
>                               <param
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
>                         </interceptor-ref>
>                         <interceptor-ref name="defaultStack"/>
>                   </interceptor-stack>
>             </interceptors>
>
>             <default-interceptor-ref name="sessionExpirationStack" />
>
>       <global-results>
>                   <result name="loginRequired">loginRequired</result>
>             </global-results>
>
>             <action name="loginRequired">
>                   <result>/expiredSession.jsp</result>
>             </action>
>
>       </package>
>
> </struts>
>
> I have traced into this code and it is correctly returning "loginRequired"
> when the user is not logged in. The problem is, the expiredSession.jsp is
> not being shown.
>
> This app is entirely driven by ajax calls that return NONE from their
> struts action handlers.
>
> What I observe is that instead of showing the expiredSession.jsp, the ajax
> call goes through to its action handler (and fails). Why is the action
> handler for an ajax call being called when I am returning "loginRequired"?
>
>
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing, copying,
> distributing or using any of this information. If you received this
> communication in error, please contact the sender immediately and destroy
> the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not be
> transmitted via the Internet, as there can be no assurance of actual or
> timely delivery, receipt and/or confidentiality. This is not an offer, or
> solicitation of any offer to buy or sell any security, investment or other
> product.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message