I have written a simple interceptor to check for an expired session. Here's the
code:
public class ExpiredSessionInterceptor extends AbstractInterceptor implements
Constants
{
private static final long serialVersionUID = 1L;
private String excludeActions = "";
public synchronized String intercept(ActionInvocation invocation) throws
Exception
{
Map<String, Object> session =
invocation.getInvocationContext().getSession();
String actionName = invocation.getProxy().getActionName();
if (excludeActions.indexOf(actionName) != -1) return
invocation.invoke();
UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
if (userInfo == null)
{
return "loginRequired";
}
return invocation.invoke();
}
public void setExcludeActions(String values)
{
excludeActions = values;
}
}
And here's struts.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd";>
<struts>
<constant name="struts.devMode" value="true" />
<package name="basicstruts2" extends="struts-default">
<interceptors>
<interceptor name="expiredSessionInterceptor"
class="mesirow.struts.ExpiredSessionInterceptor" />
<interceptor-stack name="sessionExpirationStack">
<interceptor-ref name="expiredSessionInterceptor">
<param
name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
</interceptor-ref>
<interceptor-ref name="defaultStack"/>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="sessionExpirationStack" />
<global-results>
<result name="loginRequired">loginRequired</result>
</global-results>
<action name="loginRequired">
<result>/expiredSession.jsp</result>
</action>
</package>
</struts>
I have traced into this code and it is correctly returning "loginRequired" when
the user is not logged in. The problem is, the expiredSession.jsp is not being
shown.
This app is entirely driven by ajax calls that return NONE from their struts
action handlers.
What I observe is that instead of showing the expiredSession.jsp, the ajax call
goes through to its action handler (and fails). Why is the action handler for
an ajax call being called when I am returning "loginRequired"?
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It
is intended solely for the use of the addressee. If you are not the intended
recipient, you are strictly prohibited from disclosing, copying, distributing
or using any of this information. If you received this communication in error,
please contact the sender immediately and destroy the material in its entirety,
whether electronic or hard copy. Confidential, proprietary or time-sensitive
communications should not be transmitted via the Internet, as there can be no
assurance of actual or timely delivery, receipt and/or confidentiality. This is
not an offer, or solicitation of any offer to buy or sell any security,
investment or other product.
