hi scott, well, i'll try my best. here's the code from the execute method of MyRequestProcessor (that's the one included in the struts-config.xml):
public class MyRequestProcessor extends TilesRequestProcessor { public void process(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException { HttpSession session = req.getSession(); String path = super.processPath(req, res); String url = req.getRequestURL().toString(); String queryString = req.getQueryString(); // the next lines are there to allow deep linking // we store the url that has been requested for future use if ((queryString!=null) && (!"".equals(queryString))) { url = url + "?" + queryString; } if (session.getAttribute(Constants.SESSION_LOGIN_REFER_KEY) == null) { if (url != null) { session.setAttribute(Constants.SESSION_LOGIN_REFER_KEY, url); } else { //TODO: get main URL from property session.setAttribute(Constants.SESSION_LOGIN_REFER_KEY, "http://localhost:8080/WebCreator/index.do"); } } // no comes the important stuff if (!checkForRealm(session)) { if (!"/login".equals(path)) { super.doForward("/login.do", req, res); } } super.process(req, res); } protected boolean checkForRealm(HttpSession session) throws ServletException, IOException { if (session.getAttribute(Constants.SESSION_USER_KEY) != null ) { return true; } else { return false; } } } so what it does is: - get the current requested url for further reference and stores it in the session if an atrribute with the same key does not exist (see "deep linking" below") - then it checks the session for the realm (that is the attribute that you use to say "the user is logged in") - if it does not exist and if the request didn't go to /login.do, it forwards the request to the action /login.do (which is a simple html with username/password field) - if it exists it redirects to the super class to process the request as usual - you need to implement the checkRealm() method with whatever you need to check, my example is really simple but very common with extending TileRequestProcessor (don't care that i extend TilesRequestProcessor, you can extend the standard request processor the same way) and adding the lines in struts-config.xml, each request that hits the struts action servlet will go through MyRequestProcessor BEFORE the typical struts tasks (action, form beans filling, etc) start. so this is the right place to check security, authorization and authentication. regarding "deep linking": i want my customers to be able to store a bookmark that points deep into the system. when they request this bookmark, they of course need to login first. so i store the requested url in the session, and if the login is successfull, i send a redirect to the browser to disply the page the user requested with his bookmark. this is done by sending a meta refresh command in the head of the resulting "login ok" page, with the url containing the session attribute that has been store with "session.setAttribute(Constants.SESSION_LOGIN_REFER_KEY, url)" hope that helps, feel free to ask more if something is unclear. kr, guenther -- Günther Wieser creative-it Guglgasse 6/1/11/1 A-1110 Wien Austria http://www.creative-it.com -----Original Message----- From: Scott Purcell [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 02, 2005 3:07 PM To: Struts Users Mailing List Subject: RE: html:form complains of bean missing Hello Gunther, I read last night about the tiles tempating functionality, so I have a little better handle on it today. It actually is a nice way to create some parts of my app, so I will revisit it today and try and prototype a couple of pages together. But as far as handling the session expires, etc, I do not completely understand how this is accomplished. What I have today, is a extended Action class which I can call a method eg: "if (obj.isLoggedIn()) { " type of method. So each of my pages has to go to the action servlet. Anyway, if you could show me how you are handling this, or be a litle more precise that would really help me out. I sincerely appreciate your time, Scott -----Original Message----- From: Günther Wieser [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 01, 2005 12:40 PM To: 'Struts Users Mailing List' Subject: RE: html:form complains of bean missing hi if you want a single point where you can check if a user is logged in or not, you can do something like the following: create a class "MyRequestProcessor extends TilesRequestProcessor" (in this case it is because i use tiles) and implement the process() method. within this method check for the login var that you e.g. put into the session. in the struts-config.xml add <controller processorClass="com.creative_it.webcreator.strutsext.MyRequestProcessor" /> and everythings fine. what you need to do in the MyReqestProcessor class is to exclude all URLs from checking that are used for e.g. the login form, or an error message in case something went wrong. if you want to be very nice to your users, store the URL that the user requested in the session, than redirect to the login form, and if everything went fine with the login, send him to the page that he/she originally requested. if you want the code for this, let me know, i can provide it. kr, guenther -----Original Message----- From: Scott Purcell [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 01, 2005 7:17 PM To: user@struts.apache.org Subject: html:form complains of bean missing First off, as I am learning Struts I just wanted to thank those, for bearing with my learning curve and helping out so far. Here is the issue: I want to pass all my forms, even forms without params to the com.skp.action.LoginAction action class, because this class handles the "isLoggedIn" issue through a subclass of Action. Anyway, I have a jsp page that has no params, so I have no bean to collect user data, so I configured my action like so: <action path="/mainAdmin" type="com.skp.action.LoginAction" > <forward name="Success" path="/jsp/admin/main.jsp" redirect="true"/> </action> Anyway, I just want to always use the LoginAction as a "Front Controller" to my web app, and catch the status of "logged-in" etc. This works well, but I have to use conventional <html> code and not the html:form tag: works: <!-- <form name="foo" action="/uniquepear/action/mainAdmin" method="POST"> --> does not work: <html:form action="mainAdmin"> When I use the above I get this error in the browser: javax.servlet.ServletException: Cannot retrieve definition for form bean null at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImp l.java:495) at org.apache.jsp.main_jsp._jspService(main_jsp.java:175) But I have no reason to have a bean for this action. How does one handle this problem? Thanks Scott --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]