Hi
There was a previous discussion in regards to catering for SSL redirection.
These emails are listed on Ted's website (www.husted.com). I took the
suggestions from these discussion and managed to implement the SSL
redirection. However I realise that beans assigned to the request object
disappear after redirection but beans assigned to the session stays.
My shopping cart check out scenario.
customer_mailing_address.jsp --> checkAddressAction.do -->
customer_creditcard_detail.jsp --> processCreditCardAction.do -->
confirmpurchase.jsp.
STRUTS-Config.xml
<action path="/checkout1" type="checkOutAction.do"
attribute="customerForm"
scope="request" validate="false">
<forward name="success"
path="/jsp/customer_mailing_address.jsp"/>
</action>
<action path="/checkout2" type="checkAddressAction.do"
attribute="customerForm"
scope="request" validate="false">
<forward name="success"
path="/jsp/customer_creditcard_detail.jsp"/>
</action>
<action path="/checkout3" type="processCreditCardAction.do"
attribute="customerForm"
scope="request" validate="false">
<forward name="success" path="/jsp/confirmpurchase.jsp"/>
</action>
We have a requirement to secure the browser when the guest enters their
credit card info on the customer_creditcard_detail.jsp and to unsecure the
browser when displaying the purchase confirmation confirmpurchase.jsp.
Hence I placed some code in checkAddressAction to 'redirect' the protocol
from "http" to "https" which works however all the "<bean:write ../>"
statement fails in the customer_creditcard_detail.jsp as the redirection
clears out all request attribute (this is what I observe or I could be
totally wrong). Similarly I placed some code in processCreditCardAction.do
to convert the protocol from "https" back to "http", again the "<bean:write
../>" in confirmpurchase.jsp fails. When I change the scope to "session"
both pages work.
<action path="/checkout1" type="checkOutAction.do"
attribute="customerForm"
scope="session" validate="false">
<forward name="success"
path="/jsp/customer_mailing_address.jsp"/>
</action>
<action path="/checkout2" type="checkAddressAction.do"
attribute="customerForm"
scope="session" validate="false">
<forward name="success"
path="/jsp/customer_creditcard_detail.jsp"/>
</action>
<action path="/checkout3" type="processCreditCardAction.do"
attribute="customerForm"
scope="session" validate="false">
<forward name="success" path="/jsp/confirmpurchase.jsp"/>
</action>
Personally I would not use scope="session" but in this case I have no other
choice. I would like to hear how you would go about overcoming this scenario
(ie still be able to pass beans to the jsp via the request object instead of
the session object) ?
Thanks in advance.
Michael Mok
www.teatimej.com
