We were going to implement this today or early next week :-)...looking at the code, I feel you don't need to extend ActionServlet at all. Instead the filter will create the request before forwarding to the ActionServlet.
public class LoginFilter implements Filter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest)request; ServletContext context = filterConfig.getServletContext(); If ( !loggedIn ) { // save all parameters to session // save current URI as REDIRECT_URI in session // redirect to login action } else if ( redirectUriIsSet ) { RedirectServletRequest newreq = new RedirectServletRequest(request); Chain.doFilter(newreq, response); } } Thanks -- pady [EMAIL PROTECTED] -----Original Message----- From: Martin Alley [mailto:[EMAIL PROTECTED] Sent: Friday, March 26, 2004 10:35 AM To: 'Struts Users Mailing List' Subject: RE: How does ActionForm data pass through container called form based login page? Paddy, Looks like you've been here before!! :-) It'll take me a bit of time to digest this, but I'll have a look. Does this actually work for you? Thanks Martin -----Original Message----- From: Pady Srinivasan [mailto:[EMAIL PROTECTED] Sent: 26 March 2004 15:21 To: Struts Users Mailing List Subject: RE: How does ActionForm data pass through container called form based login page? This is the only solution I can think of: public class RedirectServletRequest extends HttpServletRequest { public RedirectServletRequest(HttpServletRequest req) { this.request = req; } public String getParameter(String name) { if ( request.getParameter(name) == null ) { String paramVal = (String)request.getSession(). getAttribute("TEMP_SAVED_PARAM"); request.getSession().removeAttribute("TEMP_SAVED_PARAM"); return paramVal; } return (String)request.getParameter(name); } // override all other methods using the delegate request } public class RedirectActionServlet extends ActionServlet { public void doPost(HttpServletRequest request, ...) { process(new RedirectActionServlet(request), response); } public void doGet(HttpServletRequest request, ...) { process(new RedirectActionServlet(request), response); } } public class LoginFilter implements Filter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest)request; ServletContext context = filterConfig.getServletContext(); If ( !loggedIn ) { // save all parameters to session // save current URI as REDIRECT_URI in session // redirect to login action } } public class LoginAction extends Action { public void execute(...) { // do login // login success // redirect to REDIRECT_URI } } Thanks -- pady [EMAIL PROTECTED] -----Original Message----- From: Martin Alley [mailto:[EMAIL PROTECTED] Sent: Friday, March 26, 2004 8:59 AM To: 'Struts Users Mailing List' Subject: RE: How does ActionForm data pass through container called form based login page? Well I've just simplified by login form - plain html - no struts stuff going on. I've also simplified the filter so detects a fresh logon and starts a session accordingly - no longer any redirecting to LoginAction. However the critical behaviour is still the same - existingCustomerForm - the one I need to survive the login process still ends up getting trashed. I'm wondering if I have to make every form (that might span a session timeout) part of the login page so that it stays alive - this sounds like a ridiculous solution. Has anyone else got a solution? Thanks Martin -----Original Message----- From: Martin Alley [mailto:[EMAIL PROTECTED] Sent: 26 March 2004 09:41 To: [EMAIL PROTECTED] Subject: How does ActionForm data pass through container called form based login page? Hi, Suppose I've got a web based form that posts data to an action, and I have that action protected by container form based authorization - how does the ActionForm data get through. I have a situation like this, and my ActionForm is empty after I've been through the form-based login page. One could say - stick the input form in the constrained area also, so the login page doesn't come between the input form and the action that processes it - but this is actually occurring when a session times out whilst sitting at the input form. Thanks Martin --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This e-mail has been scanned by the Heroix e-mail security system ______________________________________________________________________ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This e-mail has been scanned by the Heroix e-mail security system ______________________________________________________________________ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]