struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Newton <davelnew...@gmail.com>
Subject RE: Session Expired Interceptor
Date Sun, 13 Jan 2013 19:25:27 GMT
It's an ajax call-the results will be returned to the JavaScript that
called it.

You need to handle the redirect on the client side.

Dave
 On Jan 13, 2013 2:21 PM, "BetBasoo, Peter" <pbetbasoo@mesirowfinancial.com>
wrote:

> Chris:
>
> The javascript is expecting the result in XML format, not a jsp page.
>
> Isn't the interceptor supposed to redirect to expiredSession.jsp? In other
> words, isn't the ajax call that initiated this nullified because the
> interceptor returns "loginRequired"?
>
> That's the whole point of this global interceptor. If the session has
> expired, the user should be redirected to expiredSession.jsp, regardless of
> the call's origin.
>
> For example, the action I have defined below, getClientAccounts, is an
> ajax call. If the session has expired and the user clicks on the link that
> initiates this call, the user should be taken to expiredSession.jsp.
>
> Do I have to configure the result for "loginRequired" in this call? If so,
> I would have to do it for all of the ajax calls, so what would be the point
> of the global interceptor?
>
> What am I doing wrong?
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 11:27 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> Well, the action handler for step 6 hasn't been defined in struts.xml, so
> it will use the struts default action handler, which simply returns
> SUCCESS.  That will trigger the JSP processor to process the
> /expiredSession.jsp and return it to the AJAX client, is that what the
> javascript handler is expecting?
>   (*Chris*)
>
>
>
> On Sat, Jan 12, 2013 at 6:05 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > Chris:
> >
> > Thanks for your help. You touched on two key points.
> >
> > The login procedure is ajax driven and processing a successful login
> > (i.e., moving to the next page) is handled on the client side.
> >
> > Regarding point 6, this is in fact an ajax request. The action handler
> > returns NONE. There are no results defined for the ajax action
> > (getClientAccounts). The client side (javascript) handler for this
> > request does not process loginRequired because I thought that it would
> > never get to that point because of the interceptor. Is this a valid
> assumption?
> >
> > -----Original Message-----
> > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > Sent: Saturday, January 12, 2013 4:19 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > That looks right to me (except for the fact that if the user logs in
> > there are no results for getClientAccounts).
> >
> >
> >    1. What should be happening is that Struts runs the interceptor stack,
> >    finding your expiredSessionInterceptor first
> >    2. When it runs it, it finds that the user is not logged in and
> returns
> >    "loginRequired"
> >    3. Struts looks in the action definition in struts.xml for a <result
> >    name="loginRequired"> and doesn't find one
> >    4. Struts then looks at the global results for <result
> >    name="loginRequired"> and finds a match
> >    5. It should then send a redirect to the browser specifying the URL
> for
> >    the "loginRequired" action
> >    6. At that point, since there is no action class assigned, the
> >    "/expiredSession.jsp" file would be processed and returned to the
> > browser
> >    (of course if this is an AJAX request, the JavaScript better be
> > expecting
> >    whatever this .jsp file contains).
> >
> > but from your messages I'm assuming this is not what you're seeing.
> > You can either step through the process in the debugger and make sure
> > things are happening in that order, or (what I would probably do) put
> > log statements at each of those places (at the very least) and make
> > sure I'm seeing those events logged in the proper order.  Sorry, I
> > can't be more helpful than that.
> >
> >   (*Chris*)
> >
> >
> > On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
> > pbetbasoo@mesirowfinancial.com> wrote:
> >
> > > Yes, here's struts.xml with one ajax action (getClientAccounts).
> > > This action is executed when called even though the interceptor
> > > returns "loginRequired"
> > >
> > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > >     "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > >     "http://struts.apache.org/dtds/struts-2.0.dtd">
> > >
> > > <struts>
> > >
> > >         <constant name="struts.devMode" value="true" />
> > >
> > >         <package name="basicstruts2" extends="struts-default">
> > >
> > >                 <interceptors>
> > >                         <interceptor name="expiredSessionInterceptor"
> > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > >                         <interceptor-stack
> name="sessionExpirationStack">
> > >                                 <interceptor-ref
> > > name="expiredSessionInterceptor">
> > >                                         <param
> > >
> > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogi
> > n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > >                                 </interceptor-ref>
> > >                                 <interceptor-ref name="defaultStack"/>
> > >                         </interceptor-stack>
> > >                 </interceptors>
> > >
> > >                 <default-interceptor-ref name="sessionExpirationStack"
> > > />
> > >
> > >                 <global-results>
> > >                         <result type="redirectAction"
> > > name="loginRequired">loginRequired</result>
> > >                 </global-results>
> > >
> > >                 <action name="loginRequired">
> > >                         <result>/expiredSession.jsp</result>
> > >                 </action>
> > >
> > >                 <action name="getClientAccounts"
> > > class="mesirow.action.AccountActions"
> > method="getClientAccounts"></action>
> > >         </package>
> > >
> > > </struts>
> > >
> > > -----Original Message-----
> > > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > > Sent: Saturday, January 12, 2013 3:11 PM
> > > To: Struts Users Mailing List
> > > Subject: Re: Session Expired Interceptor
> > >
> > > So you now have this in your struts.xml?
> > >
> > > <global-results>
> > >     <result name="loginRequired"
> > > type="redirectAction">loginRequired</result>
> > > </global-results>
> > >
> > >   (*Chris*)
> > >
> > >
> > >
> > > On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> > > pbetbasoo@mesirowfinancial.com> wrote:
> > >
> > > > I did put redirectAction action in, it's still not working. The
> > > > web page expiredSession.jsp  is not being shown and there is no
> > > > indication of an error having occurred.
> > > >
> > > > When I try this, I observe that the action that initiated the call
> > > > is still being called, even though the interceptor returns the
> > > > loginRequired result.
> > > >
> > > > Any ideas?
> > > >
> > > > -----Original Message-----
> > > > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > > > Sent: Friday, January 11, 2013 9:27 PM
> > > > To: Struts Users Mailing List
> > > > Subject: RE: Session Expired Interceptor
> > > >
> > > > You are missing the redirectAction. Use something like this:
> > > >
> > > > <result name="programming"
> > > > type="redirectAction">programming</result>
> > > >
> > > > In your case it would be:
> > > >
> > > >   <result name="loginRequired"
> > > > type="redirectAction">loginRequired</result>
> > > >
> > > > Regards,
> > > > Ajay Mahendru
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Dave Newton [mailto:davelnewton@gmail.com]
> > > > Sent: Friday, January 11, 2013 8:23 PM
> > > > To: Struts Users Mailing List
> > > > Subject: Re: Session Expired Interceptor
> > > >
> > > > I'm actually surprised it's not erroring out since the global
> > > > result should be a redirectAction since you're not forwarding to a
> JSP.
> > > >
> > > > Dave
> > > >
> > > > (On mobile device, please forgive typos, bizarre autocompletes,
> > > > and
> > > > top-
> > > > quoting.)
> > > >  On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > > > pbetbasoo@mesirowfinancial.com>
> > > > wrote:
> > > >
> > > > > I have written a simple interceptor to check for an expired
> session.
> > > > > Here's the code:
> > > > >
> > > > > public class ExpiredSessionInterceptor extends
> > > > > AbstractInterceptor implements Constants {
> > > > >       private static final long serialVersionUID = 1L;
> > > > >       private String excludeActions = "";
> > > > >
> > > > >       public synchronized String intercept(ActionInvocation
> > > > > invocation) throws Exception
> > > > >       {
> > > > >             Map<String, Object> session =
> > > > > invocation.getInvocationContext().getSession();
> > > > >             String actionName =
> > invocation.getProxy().getActionName();
> > > > >             if (excludeActions.indexOf(actionName) != -1) return
> > > > > invocation.invoke();
> > > > >
> > > > >             UserInfo userInfo = (UserInfo)
> > session.get(Attr_UserInfo);
> > > > >             if (userInfo == null)
> > > > >             {
> > > > >                   return "loginRequired";
> > > > >             }
> > > > >
> > > > >             return invocation.invoke();
> > > > >       }
> > > > >
> > > > >       public void setExcludeActions(String values)
> > > > >       {
> > > > >             excludeActions = values;
> > > > >       }
> > > > > }
> > > > >
> > > > > And here's struts.xml
> > > > >
> > > > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts
PUBLIC
> > > > >     "-//Apache Software Foundation//DTD Struts Configuration
> 2.0//EN"
> > > > >     "http://struts.apache.org/dtds/struts-2.0.dtd">
> > > > >
> > > > > <struts>
> > > > >
> > > > >       <constant name="struts.devMode" value="true" />
> > > > >
> > > > >       <package name="basicstruts2" extends="struts-default">
> > > > >
> > > > >             <interceptors>
> > > > >                   <interceptor name="expiredSessionInterceptor"
> > > > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > > >                   <interceptor-stack name="sessionExpirationStack">
> > > > >                         <interceptor-ref
> > > > name="expiredSessionInterceptor">
> > > > >                               <param
> > > > >
> > > > name="excludeActions">login,logout,index,certLogin.jsp,condo,condo
> > > > Lo gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > > >                         </interceptor-ref>
> > > > >                         <interceptor-ref name="defaultStack"/>
> > > > >                   </interceptor-stack>
> > > > >             </interceptors>
> > > > >
> > > > >             <default-interceptor-ref name="sessionExpirationStack"
> > > > > />
> > > > >
> > > > >       <global-results>
> > > > >                   <result
> name="loginRequired">loginRequired</result>
> > > > >             </global-results>
> > > > >
> > > > >             <action name="loginRequired">
> > > > >                   <result>/expiredSession.jsp</result>
> > > > >             </action>
> > > > >
> > > > >       </package>
> > > > >
> > > > > </struts>
> > > > >
> > > > > I have traced into this code and it is correctly returning
> > > > "loginRequired"
> > > > > when the user is not logged in. The problem is, the
> > > > > expiredSession.jsp is not being shown.
> > > > >
> > > > > This app is entirely driven by ajax calls that return NONE from
> > > > > their struts action handlers.
> > > > >
> > > > > What I observe is that instead of showing the
> > > > > expiredSession.jsp, the ajax call goes through to its action
> > > > > handler (and fails). Why is the action handler for an ajax call
> > > > > being called when I am returning
> > > > "loginRequired"?
> > > > >
> > > > >
> > > > > Visit us on the Web at mesirowfinancial.com
> > > > >
> > > > > This communication may contain privileged and/or confidential
> > > > information.
> > > > > It is intended solely for the use of the addressee. If you are
> > > > > not the intended recipient, you are strictly prohibited from
> > > > > disclosing, copying, distributing or using any of this
> > > > > information. If you received this communication in error, please
> > > > > contact the sender immediately and destroy the material in its
> > > > > entirety, whether electronic
> > > > or hard copy.
> > > > > Confidential, proprietary or time-sensitive communications
> > > > > should not be transmitted via the Internet, as there can be no
> > > > > assurance of actual or timely delivery, receipt and/or
> > > > > confidentiality. This is not an offer, or solicitation of any
> > > > > offer to buy or sell any security, investment or other product.
> > > > >
> > > >
> > > > ------------------------------------------------------------------
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > > Visit us on the Web at mesirowfinancial.com
> > > >
> > > > This communication may contain privileged and/or confidential
> > > information.
> > > > It is intended solely for the use of the addressee. If you are not
> > > > the intended recipient, you are strictly prohibited from
> > > > disclosing, copying, distributing or using any of this
> > > > information. If you received this communication in error, please
> > > > contact the sender immediately and destroy the material in its
> > > > entirety, whether electronic
> > > or hard copy.
> > > > Confidential, proprietary or time-sensitive communications should
> > > > not be transmitted via the Internet, as there can be no assurance
> > > > of actual or timely delivery, receipt and/or confidentiality. This
> > > > is not an offer, or solicitation of any offer to buy or sell any
> > > > security, investment or other product.
> > > >
> > > >
> > > > ------------------------------------------------------------------
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from disclosing,
> > > copying, distributing or using any of this information. If you
> > > received this communication in error, please contact the sender
> > > immediately and destroy the material in its entirety, whether
> > > electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance of
> > > actual or timely delivery, receipt and/or confidentiality. This is
> > > not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> > >
> > > --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not the
> > intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should not
> > be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is not
> > an offer, or solicitation of any offer to buy or sell any security,
> > investment or other product.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing, copying,
> distributing or using any of this information. If you received this
> communication in error, please contact the sender immediately and destroy
> the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not be
> transmitted via the Internet, as there can be no assurance of actual or
> timely delivery, receipt and/or confidentiality. This is not an offer, or
> solicitation of any offer to buy or sell any security, investment or other
> product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message