Eric, The messages you see are the result of validation errors and exceptions being thrown by the security service. In the banking example, the LoginForm performs the validation to ensure that both fields have been populated by the user. If not, the application doesn't even bother attempting to authenticate against the service. (Note: Since this example is earlier in the book, I was not using Dynamic Forms and/or the Validator like I do in the Storefront later in the book)
The InvalidLoginException is thrown when both fields have been populated, but fail to authenticate against some security realm, there's really no security realm used here, but in real life this might be a RDBMS, LDAP, etc. I hope that explains things better. Chuck > > From: "Eric Tse" <[EMAIL PROTECTED]> > Date: 2002/12/05 Thu AM 02:19:50 EST > To: <[EMAIL PROTECTED]> > Subject: Oreilly Banking example - Login > > Hi all, > > I tried the online banking example from Oreilly >(http://examples.oreilly.com/jakarta/) . And I have a question of it and hope you can >help. > > In struts-config.xml, it shows: > <action > path="/login" > type="com.oreilly.struts.banking.action.LoginAction" > scope="request" > name="loginForm" > validate="true" > input="/login.jsp"> > <forward name="Success" path="/action/getaccountinformation" redirect="true"/> > <forward name="Failure" path="/login.jsp" redirect="true"/> > </action> > > My understanding of the example is the following, please correct me if I understand >wrong. > 1. http://localhost:8080/banking > 2. Login.jsp loaded, a form named loginForm is displayed, >action=/banking/action/login > 3. org.apache.struts.action.ActionServlet dispatches to >"com.oreilly.struts.banking.action.LoginAction" > 4. "com.oreilly.struts.banking.action.LoginAction" logins to SecurityService > 5. SecurityService determines if login successful. If Yes, >"com.oreilly.struts.banking.action.LoginAction" continues to execute and finally >forward to /action/getaccountinformation. If No, SecurityService throws >InvalidLoginException to ancestor (LoginAction), which throws Exception. > > My question appears in here. Which class handles the Exception and show the correct >error message? And so, where to define the error message? I saw different error >message, e.g.: > 1. The Access Number is required for login > 2. The Pin Number is required for login > 3. Invalid Access Number and/or Pin > > Thanks a lot. > > --- > Eric Tse > SCP, SCWCD > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
