I believe I am having a chicken and egg problem using a Struts Action as the form-login-page defined in my web.xml.
I followed a number of tutorials to get to this point but here is the basic flow and the relevant parts of my config.
This puts the security constraint on all .do urls <security-constraint> <web-resource-collection> <web-resource-name>action</web-resource-name> <description>Secure the action servlet</description> <url-pattern>*.do</url-pattern> <http-method>HEAD</http-method> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>PUT</http-method> <http-method>DELETE</http-method> </web-resource-collection>
The problem is when I need to submit Login.do to LoginSubmit.do this results in a redirection back to Login.do. Not what I want. So I attempted to put all the logic in the LoginAction class associated with Login action.
struts-config.xml <!-- Login Form --> <form-bean name="loginForm" type="web.main.forms.util.LoginForm"/>
This is busted for a number of reasons, the worst of which I have to validate everything in the Action because I can't tell the difference between the 1st land and a submit of a blank form. Should I be doing this another way? I was thinking of using a servlet filter to check the users session and redirect, I will have to do this anyway.