Re: Saving HTTP Request Info
Neal Kaiser wrote: > I'm brand new to struts, so forgive me if this has been covered heavily. > > Let's say I am POSTing a bunch of information from a form to an > ActionServlet. This ActionServlet will > detect I'm not logged in and ask me to log in (by redirecting me to > logon.jsp for example). Now, after I successfully log in to the Logon > ActionServlet, I want to submit all that POSTed form stuff just as if I was > logged in the first time. > > Does struts have a mechanism for this, or should I just write my request > info to my session before logging in and read it in after? > The normal assumption in Struts is that you are using container-managed security for this. In general, the information you POSTed (if this is the first request that is to a protected resource) will be saved while authentication occurs, and then "replayed" to the server after you have been authenticated. For applications that manage their own logins, it is probably easier to insist that every single page test for an authenticated user first, and redirect to the login page if not. The Struts example application does this -- partially by use of an application-specific custom tag (app:checkLogon) that performs this check at the top of every page. The tag is application-specific, because the notion of what constitutes a "logged on user" is application specific as well. > Thanks. Craig
Re: Saving HTTP Request Info
On 12/28/2000 at 10:47 PM Neal Kaiser wrote: > Let's say I am POSTing a bunch of information from a form to an ActionServlet. Usually, you would never get the chance to complete the form, since the JSP can see that you are not logged in, and forward you to the login form before you get the chance to enter anything ;-) But one good trick would be to return the user to the JSP that they were trying to access in the first place. I think they way to do that would be to have the CheckLoginTag store a "bookmark" attribute in the request session with current URI, and then have the Login's action check for the attribute before forwarding you to the default "after-login" location. If for any reason they were able to complete the form without logging in, the Struts Form tag would save the data to it's form bean,and so it could be redisplayed after logging in (like a response to a validation error). The Struts Example application demonstrates a CheckLoginTag. There is also an article about the Example at < http://husted.com/about/struts/ > *** REPLY SEPARATOR *** On 12/28/2000 at 10:47 PM Neal Kaiser wrote: I'm brand new to struts, so forgive me if this has been covered heavily. Let's say I am POSTing a bunch of information from a form to an ActionServlet. This ActionServlet will detect I'm not logged in and ask me to log in (by redirecting me to logon.jsp for example). Now, after I successfully log in to the Logon ActionServlet, I want to submit all that POSTed form stuff just as if I was logged in the first time. Does struts have a mechanism for this, or should I just write my request info to my session before logging in and read it in after? Thanks.
Saving HTTP Request Info
I'm brand new to struts, so forgive me if this has been covered heavily. Let's say I am POSTing a bunch of information from a form to an ActionServlet. This ActionServlet will detect I'm not logged in and ask me to log in (by redirecting me to logon.jsp for example). Now, after I successfully log in to the Logon ActionServlet, I want to submit all that POSTed form stuff just as if I was logged in the first time. Does struts have a mechanism for this, or should I just write my request info to my session before logging in and read it in after? Thanks.