GeeCON Prague 2014*
The moose likes Struts and the fly likes struts2 login interceptor not finding session attribute of user details. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Frameworks » Struts
Bookmark "struts2 login interceptor not finding session attribute of user details." Watch "struts2 login interceptor not finding session attribute of user details." New topic
Author

struts2 login interceptor not finding session attribute of user details.

prveen dhannapuneni
Greenhorn

Joined: Oct 13, 2007
Posts: 7
I am New to struts2 framework. I have created a login interceptor which will intercept every action to make sure user object in session, if not, redirect to login page or creates user if request coming from login page.

My Interceptor Code :
public String intercept(ActionInvocation invocation) throws Exception {
System.out.println("Interceptor method calling...");
final ActionContext context=invocation.getInvocationContext();
HttpServletRequest request= HttpServletRequest)context.get(HTTP_REQUEST);
HttpSession session=request.getSession(true);
Object user=request.getParameter(USER_HANDLE);
if(user==null){
String loginAttempt=null;
loginAttempt=(String)session.getAttribute(LOGIN_ATTEMPT);
if(loginAttempt==null){
if (processLoginAttempt (request, session) ) {
return "login-success";
} else {
Object action = invocation.getAction ();
if (action instanceof com.opensymphony.xwork2.ValidationAware) {
((com.opensymphony.xwork2.ValidationAware) action).addActionError ("Username or password incorrect.");
}
}

}
return "login";
}else{ //user already logged in ..continue with requested
return invocation.invoke();
}
}

private boolean processLoginAttempt(HttpServletRequest request, HttpSession session) {
String username = request.getParameter (USERNAME);
String password = request.getParameter (PASSWORD);
Object user = SecurityManager.login (username, password);
if (user != null) {
session.setAttribute (USER_HANDLE, user);
return true;
} else {
return false;
}
}

My Interceptor stock:
<interceptor name="login" class="com.struts.interceptor.login.LoginInterceptor"/>
<interceptor-stack name="defaultLoginStack">
<interceptor-ref name="servlet-config" />
<interceptor-ref name="params" />
<interceptor-ref name="login" />
<interceptor-ref name="prepare" />
<interceptor-ref name="chain" />
<interceptor-ref name="model-driven" />
<interceptor-ref name="fileUpload" />
<interceptor-ref name="static-params" />
<interceptor-ref name="params" />
<interceptor-ref name="conversionError" />
<interceptor-ref name="validation" />
<interceptor-ref name="workflow" />
</interceptor-stack>
My Actions :
<action name="ShowLogin">
<result>/jsp/login.jsp</result>
</action>
<action name="displayAllBranches" class="com.struts.action.organization.BranchAction" method="getAllBranches">
<result name="success">/jsp/branchList.jsp</result>
</action>
For every request my interceptor calling properly, but it couldn't find the USER_HANDLE attribute in session after second action call so returning to login page. i am not able to figure out why my session attribute removing from value stack? Any clue would be greatly appreciated.
Tom Rispoli
Ranch Hand

Joined: Aug 29, 2008
Posts: 349
I'm a little confused here. The only place in this code that I see you trying to find USER_HANDLE you are checking the request object for it. But when you create a value that you tie to USER_HANDLE you store it in the session object.

Is the code that you are using to check the vaule of USER_HANDLE that is stored in the session object not posted here? If so, please post it. If not then I think the problem is that you are using request.getParameter(USER_HANDLE);
rather than session.getAttribute (USER_HANDLE, user);
prveen dhannapuneni
Greenhorn

Joined: Oct 13, 2007
Posts: 7
Thanks Tom. this is my coding mistake, i have used request object instead of session object to lookup the user object. Once again thanks for help.
 
GeeCON Prague 2014
 
subject: struts2 login interceptor not finding session attribute of user details.