I've some problem with filter. so i'll try with interceptor. i've done something like that:
public String intercept(ActionInvocation invocation) throws Exception { Map session = ActionContext.getContext().getSession(); Object o = session.get("logged"); boolean ret = false; if (o != null) { String admin = "" + o; if (admin.equals("admin")) { ret = true; } } if (ret) { return invocation.invoke(); } else { return "denied"; } } but when i mapped the interceptor, how can i choose what i've to do? i've to put a result named denied in each action? On Wed, May 20, 2009 at 15:28, Andy Sykes <a.sy...@ucl.ac.uk> wrote: > You need to include <dispatcher> elements in your filter mappings for the > Struts filter. > > eg. > > <filter-mapping> > <filter-name>struts2</filter-name> > <url-pattern>/*</url-pattern> > <dispatcher>REQUEST</dispatcher> > <dispatcher>FORWARD</dispatcher> > </filter-mapping> > > With no <dispatcher> element specified, the container assumes you mean the > filter chain only gets applied to requests. > > The <dispatcher>FORWARD</dispatcher> element means the filter chain will get > invoked when a servlet performs a forward (as your code does). > > Just FYI - you may want to consider doing your protection with Interceptors, > since it's a bit less clumsy than lugging around servlet filters with > Struts. > > You can very easily write an Interceptor[1] that will return a certain > result type (say "denied") based on whether a specified attribute exists in > the user's session. Doing so is left as an exercise to the reader :) > > You're not then limited to using mappings in the web.xml, and all the logic > is embedded in the framework you've chosen. > > Struts' interceptors are a very powerful AOP-style pattern that I think are > sometimes overlooked and aren't emphasised enough... > > [1] http://struts.apache.org/2.x/docs/writing-interceptors.html > > On 20 May 2009, at 13:42, Stefano Tranquillini wrote: > >> now is taked. but i've some problem with the dispacer. >> i've an action mapped in this way: >> <action name="denied" > >> <result type="tiles">denied</result> >> </action> >> >> namespace is / >> >> if i manually put in this url: >> http://localhost:8080//WAP-Shop-war/denied.action its WORKS. >> >> the filter, else branch is this: >> else { >> RequestDispatcher rd = null; >> rd = sc.getRequestDispatcher("/denied.action"); >> rd.forward(myRequest, myResponse); >> } >> >> and has to recall the same url see above, but he returns an error (404): >> >> type Status report >> >> message /WAP-Shop-war/denied.action >> >> description The requested resource (/WAP-Shop-war/denied.action) is >> not available. >> >> but is available! >> >> ideas? >> >> >> >> On Wed, May 20, 2009 at 13:35, Andy Sykes <a.sy...@ucl.ac.uk> wrote: >>> >>> Put the mapping for the admin filter above the struts2 filter. Filters >>> are >>> invoked in the order in web.xml, first to last. >>> >>> The struts filter is catching the request first and dispatching it before >>> it >>> ever reaches the admin filter. >>> >>> On 20 May 2009, at 09:37, Stefano Tranquillini wrote: >>> >>>> Hi all. >>>> i need to block the path /admin/ for all the pepole. only the people >>>> logged in as root can access it. >>>> i've done a filter, but struts seems to dosen't works with its >>>> >>>> <filter> >>>> <filter-name>struts2</filter-name> >>>> >>>> >>>> <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class> >>>> </filter> >>>> <filter> >>>> <filter-name>adminFilter</filter-name> >>>> <filter-class>filter.AdminFilter</filter-class> >>>> </filter> >>>> <filter-mapping> >>>> <filter-name>struts2</filter-name> >>>> <url-pattern>/*</url-pattern> >>>> </filter-mapping> >>>> <filter-mapping> >>>> <filter-name>adminFilter</filter-name> >>>> <url-pattern>/admin/*</url-pattern> >>>> </filter-mapping> >>>> >>>> public class AdminFilter implements Filter { >>>> >>>> FilterConfig fc; >>>> >>>> public AdminFilter() { >>>> } >>>> >>>> public void init(FilterConfig fc) throws ServletException { >>>> this.fc = fc; >>>> } >>>> >>>> public void doFilter(ServletRequest request, ServletResponse >>>> response, FilterChain chain) throws IOException, ServletException { >>>> >>>> System.out.println("i'm the filter!"); >>>> >>>> >>>> HttpServletResponse myResponse = (HttpServletResponse) response; >>>> HttpServletRequest myRequest = (HttpServletRequest) request; >>>> String user = (String) >>>> myRequest.getSession().getAttribute("logged"); >>>> ServletContext sc = fc.getServletContext(); >>>> if (user.equals("admin")) { >>>> >>>> >>>> String requestURI = myRequest.getRequestURI(); >>>> int pathLength = myRequest.getContextPath().length(); >>>> StringBuffer relativeURI = new >>>> StringBuffer(requestURI.substring(pathLength)); >>>> String query = myRequest.getQueryString(); >>>> if (query != null) { >>>> relativeURI.append("?").append(query); >>>> } >>>> RequestDispatcher rd = null; >>>> if (relativeURI.toString().length() > 0) { >>>> rd = sc.getRequestDispatcher(relativeURI.toString()); >>>> } else { >>>> rd = sc.getRequestDispatcher("/WAP-Shop-war/"); >>>> } >>>> rd.forward(myRequest, myResponse); >>>> } else { >>>> RequestDispatcher rd = null; >>>> rd = sc.getRequestDispatcher("/WAP-Shop-war/"); >>>> rd.forward(myRequest, myResponse); >>>> } >>>> return; >>>> } >>>> >>>> public void destroy() { >>>> } >>>> } >>>> >>>> >>>> when i put the url like: >>>> http://localhost:8080/WAP-Shop-war/admin/showAddItem.action i see the >>>> page and i don't see the string: i'm the filter! >>>> >>>> where's the fault? >>>> >>>> -- >>>> Stefano >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >>>> For additional commands, e-mail: user-h...@struts.apache.org >>>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >>> For additional commands, e-mail: user-h...@struts.apache.org >>> >>> >> >> >> >> -- >> Stefano >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >> For additional commands, e-mail: user-h...@struts.apache.org >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > > -- Stefano --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org