RES: Subclassing ActionServlet
A simple way that I use do go: Super Action class, like: UserMustBeLoggedAction{ execute(attribs){ verify session stuff if ok - myExecute(attribs); else return ActionForward; } abstract myExecute(attribs); } NewAction extends UserMustBeLoggedAction{ myExecute(){ .. } } What do experts recommend?? Regards Felipe -Mensagem original- De: Gopal Venkata Achi [mailto:[EMAIL PROTECTED] Enviada em: quinta-feira, 4 de dezembro de 2003 18:55 Para: Struts Users Mailing List Assunto: RE: Subclassing ActionServlet Hi I have come across a plug-in for Struts, that is called as SAIF (Struts Action Invocation Framework), which enables us to write a pre-action and post action methods. You can use PreAction method for doing all the session authentication, etc., I did not really use this, but the features are available at : http://struts.sourceforge.net/saif/ http://struts.sourceforge.net/saif/ Any thoughts on this. Regards, Gopal -Original Message- From: Fullam, Jonathan [mailto:[EMAIL PROTECTED] Sent: Thu 12/4/2003 1:07 PM To: 'Struts Users Mailing List' Cc: Subject: Subclassing ActionServlet All, I need to check the Session for an authenticated user before most requests. To do this I subclassed ActionServlet and only call super(request, response) upon verification that authenticated user is in the Session. if (request.getRequestURI().endsWith(welcome.do) | request.getRequestURI().endsWith(logon.do) | request.getRequestURI().endsWith(html)) { super.process(request, response); } else if (request.getSession().getAttribute(USER) == null) { //Forward to login page response.sendRedirect(/welcome.do); } I also know about the ability to subclass the RequestProcessor and providing my own implementation of the processPreprocess method to accomplish the same thing. Does anybody know of any serious disadvantages or side effects of subclassing the ActionServlet class rather than the RequestProcessor class. --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: RES: Subclassing ActionServlet
This way you can't extend other 'struts core actions' (Dispatch, Lookup...). I think a better way may be: - Using a filter (servlet 2.3) in order to pre and post process the request - Extending RequestDispatcher Regards, Guido. PD. I am not sure, but i think you can find a discussion about that in Struts in Action. Felipe Nascimento wrote: A simple way that I use do go: Super Action class, like: UserMustBeLoggedAction{ execute(attribs){ verify session stuff if ok - myExecute(attribs); else return ActionForward; } abstract myExecute(attribs); } NewAction extends UserMustBeLoggedAction{ myExecute(){ .. } } What do experts recommend?? Regards Felipe -Mensagem original- De: Gopal Venkata Achi [mailto:[EMAIL PROTECTED] Enviada em: quinta-feira, 4 de dezembro de 2003 18:55 Para: Struts Users Mailing List Assunto: RE: Subclassing ActionServlet Hi I have come across a plug-in for Struts, that is called as SAIF (Struts Action Invocation Framework), which enables us to write a pre-action and post action methods. You can use PreAction method for doing all the session authentication, etc., I did not really use this, but the features are available at : http://struts.sourceforge.net/saif/ http://struts.sourceforge.net/saif/ Any thoughts on this. Regards, Gopal -Original Message- From: Fullam, Jonathan [mailto:[EMAIL PROTECTED] Sent: Thu 12/4/2003 1:07 PM To: 'Struts Users Mailing List' Cc: Subject: Subclassing ActionServlet All, I need to check the Session for an authenticated user before most requests. To do this I subclassed ActionServlet and only call super(request, response) upon verification that authenticated user is in the Session. if (request.getRequestURI().endsWith(welcome.do) | request.getRequestURI().endsWith(logon.do) | request.getRequestURI().endsWith(html)) { super.process(request, response); } else if (request.getSession().getAttribute(USER) == null) { //Forward to login page response.sendRedirect(/welcome.do); } I also know about the ability to subclass the RequestProcessor and providing my own implementation of the processPreprocess method to accomplish the same thing. Does anybody know of any serious disadvantages or side effects of subclassing the ActionServlet class rather than the RequestProcessor class. --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Guido Garca Bernardo - [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Tfn. +34 983 54 89 08 IT DEUSTO http://www.itdeusto.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RES: RES: Subclassing ActionServlet
Ok. Nice to know about filters. I have found this SecurityFilter Projetct at sourceforge. http://securityfilter.sourceforge.net/ Has anyone used it? Tks Felipe -Mensagem original- De: Guido García Bernardo [mailto:[EMAIL PROTECTED] Enviada em: sexta-feira, 5 de dezembro de 2003 08:42 Para: Struts Users Mailing List Assunto: Re: RES: Subclassing ActionServlet This way you can't extend other 'struts core actions' (Dispatch, Lookup...). I think a better way may be: - Using a filter (servlet 2.3) in order to pre and post process the request - Extending RequestDispatcher Regards, Guido. PD. I am not sure, but i think you can find a discussion about that in Struts in Action. Felipe Nascimento wrote: A simple way that I use do go: Super Action class, like: UserMustBeLoggedAction{ execute(attribs){ verify session stuff if ok - myExecute(attribs); else return ActionForward; } abstract myExecute(attribs); } NewAction extends UserMustBeLoggedAction{ myExecute(){ .. } } What do experts recommend?? Regards Felipe -Mensagem original- De: Gopal Venkata Achi [mailto:[EMAIL PROTECTED] Enviada em: quinta-feira, 4 de dezembro de 2003 18:55 Para: Struts Users Mailing List Assunto: RE: Subclassing ActionServlet Hi I have come across a plug-in for Struts, that is called as SAIF (Struts Action Invocation Framework), which enables us to write a pre-action and post action methods. You can use PreAction method for doing all the session authentication, etc., I did not really use this, but the features are available at : http://struts.sourceforge.net/saif/ http://struts.sourceforge.net/saif/ Any thoughts on this. Regards, Gopal -Original Message- From: Fullam, Jonathan [mailto:[EMAIL PROTECTED] Sent: Thu 12/4/2003 1:07 PM To: 'Struts Users Mailing List' Cc: Subject: Subclassing ActionServlet All, I need to check the Session for an authenticated user before most requests. To do this I subclassed ActionServlet and only call super(request, response) upon verification that authenticated user is in the Session. if (request.getRequestURI().endsWith(welcome.do) | request.getRequestURI().endsWith(logon.do) | request.getRequestURI().endsWith(html)) { super.process(request, response); } else if (request.getSession().getAttribute(USER) == null) { //Forward to login page response.sendRedirect(/welcome.do); } I also know about the ability to subclass the RequestProcessor and providing my own implementation of the processPreprocess method to accomplish the same thing. Does anybody know of any serious disadvantages or side effects of subclassing the ActionServlet class rather than the RequestProcessor class. --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Guido García Bernardo - [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Tfn. +34 983 54 89 08 IT DEUSTO http://www.itdeusto.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.547 / Virus Database: 340 - Release Date: 2/12/2003 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]