struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antonio Sánchez <juntandolin...@gmail.com>
Subject Re: S2 custom authentication: remembering original request
Date Fri, 12 Jul 2013 11:03:50 GMT
I'm having problems with chaining. I have tried several ways but none works. For instance:

1. http://localhost/mycontext/secure/protected => Login.jsp (${#request.url} is readable
in jsp).

2. Login.jsp => submit (correct user/pwd) => ERROR: Infinite recursion detected: [//authenticate!authenticate,
//, //] (url not available as request attribute)

When submitting, request attribute 'url' is not present in the action, I guess because result
type of "input" is "dispatcher", not "chain", but using type "chain" with a JSP causes St2
to complain, and won't find any action. 

Pseudo-code:

INTERCEPTOR
	if (userInSession == null) {
            request.setAttribute("url", request.getServletPath());
            return "AUTHENTICATE";	
	}

	return invocation.invoke();

STRUTS.XML

 - package base, namespace ""
	- defines interceptor SECURE and default interceptor stack (SECURE, DEFAULTSTACK).
	- defines global result:
            <result name="AUTHENTICATE" type="chain">
                <param name="actionName">authenticate</param>
                <param name="namespace">/</param>
            </result>

 - package root extends base, namespace "/"
        <action name="authenticate" class...>
            <result type="chain">
                <param name="actionName">${#request.url}</param>
            </result>            
            <result name="input">/Login.jsp</result>
        </action>
        
 - package secure extends base, namespace "/secure"
        <action name="protected" class=...>
            <result>/secure/Protected.jsp</result>
        </action>    

ACTION AUTHENTICATE

        if (userInSession != null ) {
		request.getSession().setAttribute("USER_IN_SESSION", userInSession);
		//expecting original url is a request attribute
		return SUCCESS;
        } else {
            return INPUT;
        }

At the moment I've not been able to implement the requirement. 


El Miércoles, 10 de julio de 2013 10:07:36 Paul Benedict escribió:
> Forwarding to another action means you want to do chaining:
> http://struts.apache.org/release/2.3.x/docs/action-chaining.html
> 
> <result type="chain">
>     <param name="actionName">autenticar</param>
> </result>
> 
> 
> On Wed, Jul 10, 2013 at 10:00 AM, Antonio Sánchez
> <juntandolineas@gmail.com>wrote:
> 
> > Can't forward even without using global results:
> >
> >  http://localhost:8084/mycontext/autenticar => login.jsp - OK
> >
> >         <action name="forward">
> >             <result>/autenticar</result>
> >         </action>
> >
> > http://localhost:8084/mycontext/forward => 404 ERROR -
> > /mycontext/autenticar not available
> >
> > Which is the right way to forward to actions?
> >
> > Using 2.3.15.
> >
> > El Miércoles, 10 de julio de 2013 15:29:51 usted escribió:
> > > > Second question: because it's a redirect, hence a new request.
> > >
> > > http://localhost:8084/mycontext/autenticar => login.jsp - OK
> > >
> > > Returned by interceptor:
> > >
> > >         <global-results>
> > >             <result name="AUTENTICAR">/autenticar</result>
> > >         </global-results>
> > >
> > > http://localhost:8084/mycontext/admin/protected => 404 ERROR -
> > /mycontext/autenticar not available
> > >
> > > How should I "forward" to actions?
> > >
> > >
> > >
> > > El Miércoles, 10 de julio de 2013 07:43:38 Dave Newton escribió:
> > > > Second question: because it's a redirect, hence a new request.
> > > >
> > > > Dave
> > > >  On Jul 10, 2013 7:28 AM, "Antonio Sánchez" <juntandolineas@gmail.com>
> > > >
> > > > wrote:
> > > > > Use Case: request some protected resource -> redirect action for
> > > > > authentication -> access protected resource.
> > > > >
> > > > > I'm using a custom interceptor that redirects (redirectAction) to
a
> > global
> > > > > result if no user object is found in session. The final action
> > result then
> > > > > redirects to a login page.
> > > > >
> > > > > The interceptor gets the original action requested (using
> > > > > request.getServletPath(), but not sure if this is right), and puts
> > it in
> > > > > the value stack. It would be used with dynamic redirection in the
> > final
> > > > > result upon login success( ${nextAction} ) . This action must be
> > passed in
> > > > > between redirections.
> > > > >
> > > > > But I need to reuse the original request. Reconstructing the request
> > with
> > > > > a query string is not an option. I need the original request:
> > GET/POST
> > > > > method, all parameters/values, maybe uploading binary content
> > > > > (inputstream), maybe headers...
> > > > >
> > > > > Is it possible to do this? How?
> > > > >
> > > > > ------
> > > > >
> > > > > Partially related to this: I'm having problems with redirections.
The
> > > > > original request parameters are forwarded only using dispatcher
> > result .
> > > > > If
> > > > > I use redirectAction or redirect, original params are lost. Why?
> > > > >
> > > > > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > > For additional commands, e-mail: user-help@struts.apache.org
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> 
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message