I've added some files as an example. How i manage the user sessions.
----- Original Message ----- From: "Arik Levin ( Tikal )" <[EMAIL PROTECTED]> To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> Sent: Tuesday, December 31, 2002 11:59 AM Subject: RE: How to forward from a struts form to a login dialog ? > There are two main solutions: > > The first one is more effective, including JAAS. > You have to make a form that call j_security_check action with j_password > and j_username inputs, the web server has its own security engine that > throws you to your first login page if you are not authorized. > > The second solution is simpler. You make a base action which store your user > information at the HttpSession after it has been authorized. Every action > you have at your application should extend this base action. In case of > session timeout or user not authorized just forward to your login page. > > I hope this helps you. > > Arik. > > -----Original Message----- > From: Zsolt Koppany [mailto:[EMAIL PROTECTED]] > Sent: Thursday, November 07, 2002 11:18 AM > To: [EMAIL PROTECTED] > Subject: How to forward from a struts form to a login dialog ? > > Hi, > > in a struts form I want to check whether to user has already logged in. If > not, instead of showing the form I want to forward the user to a login > dialog > and he must log in. After the user logged in, I want him to come back to the > > form and I have to restore the original parameters of the form. > > What is the best solution? > > > Zsolt > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > >
/*
* $Archive: $
*
* $Workfile: $
* $Revision: $
* $Date: $
* $Author: $
*
* Copyright 2002 J-Instance. All Rights Reserved.
*
* This software is the proprietary information of J-Instance.
* Use is subject to license terms.
*
*/
package com.jinstance.ibep.login;
import org.apache.struts.action.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.naming.*;
import org.apache.commons.beanutils.*;
import com.jinstance.ibep.action.*;
// RMA:
import org.apache.log4j.PropertyConfigurator;
import org.apache.log4j.Logger;
import org.apache.log4j.Priority;
public class LoginAction extends DefaultAction {
static Logger logger = Logger.getLogger(LoginAction.class.getName());
private String sessionUsernamePath;
private String loginname,
password;
/**
* This is the main action called from the Struts framework.
* @param mapping The ActionMapping used to select this instance.
* @param form The optional ActionForm bean for this request.
* @param request The HTTP Request we are processing.
* @param response The HTTP Response we are processing.
*/
public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
PropertyConfigurator.configure("log4j.properties");
logger.
ActionErrors ae = new ActionErrors();
/** Get the path to the username for this application. */
sessionUsernamePath = getSessionUsernamePath();
try {
/** Retrieve the login data from the form. */
loginname = (String)PropertyUtils.getSimpleProperty(form, "loginname");
password = (String)PropertyUtils.getSimpleProperty(form, "password");
} catch (Exception e) {
logger.error("Missing loginname or password method within the LoginActionForm", e);
System.out.println (e);
}
/** Create a user session. */
HttpSession session = request.getSession(true);
/** Set the username at the path specified in the web.xml file */
session.setAttribute(sessionUsernamePath, loginname);
logger.info("User " + loginname + " succesfully logged into the application");
return mapping.findForward(ACTION_SUCCESS);
}
private String getSessionUsernamePath() throws ServletException {
try {
Context context = new InitialContext();
return (String)context.lookup("java:comp/env/session/username");
} catch(NamingException namingException) {
logger.fatal("Missing <env-entry> in web.xml (session/username) ", namingException);
throw new ServletException("Missing <env-entry> in web.xml (session/username)");
/*
* $Archive: $
*
* $Workfile: $
* $Revision: $
* $Date: $
* $Author: $
*
* Copyright 2002 J-Instance. All Rights Reserved.
*
* This software is the proprietary information of J-Instance.
* Use is subject to license terms.
*
*/
package com.jinstance.ibep.login;
import org.apache.struts.action.*;
import javax.servlet.http.*;
public class LoginActionForm extends ActionForm {
protected String loginname = null;
protected String password = null;
/**
* Reset all properties to their default values.
* @param mapping The ActionMapping used to select this instance.
* @param request The HTTP Request we are processing.
*/
public void reset(ActionMapping mapping, HttpServletRequest request) {
loginname = null;
password = null;
}
/**
* Validate all properties to their default values.
* @param mapping The ActionMapping used to select this instance.
* @param request The HTTP Request we are processing.
* @return ActionErrors A list of all errors found.
*/
public ActionErrors validate(ActionMapping mapping, HttpServletRequest request) {
final ActionErrors ae = new ActionErrors ();
/** Check the loginname for length. */
if (loginname.length() == 0) {
ae.add("username", new ActionError("error.username.required"));
} else if (!loginname.equals("ronald mathies")) {
ae.add("username", new ActionError("error.username.false", loginname));
}
/** Check the password for length. */
if (password.length() == 0) {
ae.add("password", new ActionError("error.password.required"));
} else if (!password.equals("1nf1n1ty")) {
ae.add("password", new ActionError("error.password.false"));
}
return ae;
}
public String getLoginname() {
return loginname;
}
public void setLoginname(String loginname) {
this.loginname = loginname;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
/*
* $Archive: $
*
* $Workfile: $
* $Revision: $
* $Date: $
* $Author: $
*
* Copyright 2002 J-Instance. All Rights Reserved.
*
* This software is the proprietary information of J-Instance.
* Use is subject to license terms.
*
*/
package com.jinstance.ibep.login;
import javax.servlet.*;
import java.io.*;
import javax.servlet.http.*;
import javax.naming.*;
public class LoginCheckFilter implements Filter {
private FilterConfig filterConfig = null;
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
}
public void destroy() {
this.filterConfig = null;
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
Context context;
String SessionUsernamePath = null;
/** Get the HTTP version */
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
try {
/** Retrieve the session path from the web.xml file */
context = new InitialContext();
SessionUsernamePath = (String)context.lookup("java:comp/env/session/username");
/** Get the session of this browser session (if excist) */
HttpSession session = httpRequest.getSession();
/** Check to see if the user is logged in */
if (session.getAttribute(SessionUsernamePath) == null) {
String uri = httpRequest.getRequestURI();
String contextPath = httpRequest.getContextPath();
/** Check to see if the request came from the login page
* if so then we shouldn't redirect becouse this ends into
* a loop.
*/
if (!uri.startsWith(contextPath.concat("/login/")) &&
!uri.startsWith(contextPath.concat("/LoginAction.do")) &&
!uri.startsWith(contextPath.concat("/images/")) &&
!uri.startsWith(contextPath.concat("/css/"))) {
httpResponse.sendRedirect(contextPath.concat("/login/LoginForm.jsp"));
}
}
} catch(Exception e) {
throw new ServletException("Missing <env-entry> in web.xml (session/username)\n\r" + e);
}
chain.doFilter(request, response);
}
}
LoginForm.properties
Description: Binary data
LoginForm_de.properties
Description: Binary data
LoginForm_nl.properties
Description: Binary data
/*
* $Archive: $
*
* $Workfile: $
* $Revision: $
* $Date: $
* $Author: $
*
* Copyright 2002 J-Instance. All Rights Reserved.
*
* This software is the proprietary information of J-Instance.
* Use is subject to license terms.
*
*/
package com.jinstance.ibep.login;
import org.apache.struts.action.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import com.jinstance.ibep.action.*;
public class LogoutAction extends DefaultAction {
/**
* This is the main action called from the Struts framework.
* @param mapping The ActionMapping used to select this instance.
* @param form The optional ActionForm bean for this request.
* @param request The HTTP Request we are processing.
* @param response The HTTP Response we are processing.
*/
public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
/** Retrieve the current user session, but dont create one. */
HttpSession session = request.getSession(false);
/** Invalidate this session. All session set information will be destroyed*/
session.invalidate();
return mapping.findForward(ACTION_SUCCESS);
}
}
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
