RES: Subclassing ActionServlet
A simple way that I use do go:
Super Action class, like:
UserMustBeLoggedAction{
execute(attribs){
verify session stuff
if ok - myExecute(attribs);
else return ActionForward;
}
abstract myExecute(attribs);
}
NewAction extends UserMustBeLoggedAction{
myExecute(){
..
}
}
What do experts recommend??
Regards
Felipe
-Mensagem original-
De: Gopal Venkata Achi [mailto:[EMAIL PROTECTED]
Enviada em: quinta-feira, 4 de dezembro de 2003 18:55
Para: Struts Users Mailing List
Assunto: RE: Subclassing ActionServlet
Hi
I have come across a plug-in for Struts, that is called as SAIF (Struts
Action Invocation Framework), which enables us to write a pre-action and
post action methods. You can use PreAction method for doing all the
session authentication, etc., I did not really use this, but the
features are available at : http://struts.sourceforge.net/saif/
http://struts.sourceforge.net/saif/
Any thoughts on this.
Regards,
Gopal
-Original Message-
From: Fullam, Jonathan [mailto:[EMAIL PROTECTED]
Sent: Thu 12/4/2003 1:07 PM
To: 'Struts Users Mailing List'
Cc:
Subject: Subclassing ActionServlet
All,
I need to check the Session for an authenticated user before
most requests.
To do this I subclassed ActionServlet and only call
super(request, response)
upon verification that authenticated user is in the Session.
if (request.getRequestURI().endsWith(welcome.do) |
request.getRequestURI().endsWith(logon.do) |
request.getRequestURI().endsWith(html))
{
super.process(request, response);
}
else if (request.getSession().getAttribute(USER) == null)
{
//Forward to login page
response.sendRedirect(/welcome.do);
}
I also know about the ability to subclass the RequestProcessor
and
providing my own implementation of the processPreprocess method
to
accomplish the same thing.
Does anybody know of any serious disadvantages or side effects
of
subclassing the ActionServlet class rather than the
RequestProcessor class.
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: RES: Subclassing ActionServlet
This way you can't extend other 'struts core actions' (Dispatch, Lookup...).
I think a better way may be:
- Using a filter (servlet 2.3) in order to pre and post process the request
- Extending RequestDispatcher
Regards,
Guido.
PD. I am not sure, but i think you can find a discussion about that in
Struts in Action.
Felipe Nascimento wrote:
A simple way that I use do go:
Super Action class, like:
UserMustBeLoggedAction{
execute(attribs){
verify session stuff
if ok - myExecute(attribs);
else return ActionForward;
}
abstract myExecute(attribs);
}
NewAction extends UserMustBeLoggedAction{
myExecute(){
..
}
}
What do experts recommend??
Regards
Felipe
-Mensagem original-
De: Gopal Venkata Achi [mailto:[EMAIL PROTECTED]
Enviada em: quinta-feira, 4 de dezembro de 2003 18:55
Para: Struts Users Mailing List
Assunto: RE: Subclassing ActionServlet
Hi
I have come across a plug-in for Struts, that is called as SAIF (Struts
Action Invocation Framework), which enables us to write a pre-action and
post action methods. You can use PreAction method for doing all the
session authentication, etc., I did not really use this, but the
features are available at : http://struts.sourceforge.net/saif/
http://struts.sourceforge.net/saif/
Any thoughts on this.
Regards,
Gopal
-Original Message-
From: Fullam, Jonathan [mailto:[EMAIL PROTECTED]
Sent: Thu 12/4/2003 1:07 PM
To: 'Struts Users Mailing List'
Cc:
Subject: Subclassing ActionServlet
All,
I need to check the Session for an authenticated user before
most requests.
To do this I subclassed ActionServlet and only call
super(request, response)
upon verification that authenticated user is in the Session.
if (request.getRequestURI().endsWith(welcome.do) |
request.getRequestURI().endsWith(logon.do) |
request.getRequestURI().endsWith(html))
{
super.process(request, response);
}
else if (request.getSession().getAttribute(USER) == null)
{
//Forward to login page
response.sendRedirect(/welcome.do);
}
I also know about the ability to subclass the RequestProcessor
and
providing my own implementation of the processPreprocess method
to
accomplish the same thing.
Does anybody know of any serious disadvantages or side effects
of
subclassing the ActionServlet class rather than the
RequestProcessor class.
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Guido Garca Bernardo - [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
Tfn. +34 983 54 89 08
IT DEUSTO http://www.itdeusto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RES: RES: Subclassing ActionServlet
Ok. Nice to know about filters.
I have found this SecurityFilter Projetct at sourceforge.
http://securityfilter.sourceforge.net/
Has anyone used it?
Tks
Felipe
-Mensagem original-
De: Guido García Bernardo [mailto:[EMAIL PROTECTED]
Enviada em: sexta-feira, 5 de dezembro de 2003 08:42
Para: Struts Users Mailing List
Assunto: Re: RES: Subclassing ActionServlet
This way you can't extend other 'struts core actions' (Dispatch,
Lookup...).
I think a better way may be:
- Using a filter (servlet 2.3) in order to pre and post process the
request
- Extending RequestDispatcher
Regards,
Guido.
PD. I am not sure, but i think you can find a discussion about that in
Struts in Action.
Felipe Nascimento wrote:
A simple way that I use do go:
Super Action class, like:
UserMustBeLoggedAction{
execute(attribs){
verify session stuff
if ok - myExecute(attribs);
else return ActionForward;
}
abstract myExecute(attribs);
}
NewAction extends UserMustBeLoggedAction{
myExecute(){
..
}
}
What do experts recommend??
Regards
Felipe
-Mensagem original-
De: Gopal Venkata Achi [mailto:[EMAIL PROTECTED]
Enviada em: quinta-feira, 4 de dezembro de 2003 18:55
Para: Struts Users Mailing List
Assunto: RE: Subclassing ActionServlet
Hi
I have come across a plug-in for Struts, that is called as SAIF (Struts
Action Invocation Framework), which enables us to write a pre-action
and post action methods. You can use PreAction method for doing all
the session authentication, etc., I did not really use this, but the
features are available at : http://struts.sourceforge.net/saif/
http://struts.sourceforge.net/saif/
Any thoughts on this.
Regards,
Gopal
-Original Message-
From: Fullam, Jonathan [mailto:[EMAIL PROTECTED]
Sent: Thu 12/4/2003 1:07 PM
To: 'Struts Users Mailing List'
Cc:
Subject: Subclassing ActionServlet
All,
I need to check the Session for an authenticated user before
most
requests.
To do this I subclassed ActionServlet and only call
super(request,
response)
upon verification that authenticated user is in the Session.
if (request.getRequestURI().endsWith(welcome.do) |
request.getRequestURI().endsWith(logon.do) |
request.getRequestURI().endsWith(html))
{
super.process(request, response);
}
else if (request.getSession().getAttribute(USER) == null)
{
//Forward to login page
response.sendRedirect(/welcome.do);
}
I also know about the ability to subclass the RequestProcessor
and
providing my own implementation of the processPreprocess method
to
accomplish the same thing.
Does anybody know of any serious disadvantages or side effects
of
subclassing the ActionServlet class rather than the
RequestProcessor class.
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Guido García Bernardo - [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
Tfn. +34 983 54 89 08
IT DEUSTO http://www.itdeusto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
