Part of the application that I am writing involves an outside system transferring XML over HTTP Post via an action on our system (transfer.do) which I then grab and store in the session. I then redirect to a secure action which forces the login page to be displayed and once authenticated, the data is processed and put into the database. I wrote a testJSP page with a simple form which simulates this and everything is fine.... However, my problem lies with the outside system passing the data through. The outside system can hit my unsecure action, grab the XML data and store it in the session but then it does not redirect to the login page or the secured process and the process just dies. I get a blank page and no error messages. If I dont set redirect to be true in the struts-config for the action, then it will hit the unsecure process and then not try and login and go straight to the secured process and then fail because we dont have a username in the session.
Everything I've found on the web concerns spelling errors, but in my case, it works for a local page, but not for an outside system.
Here is the struts-config. It first hits the /transfer action and goes to comp.transferProcess which grabs the XML I then want to forward to another action auth/transferProcess but this is secured so it should go to the login page.
The outside system can't access any other secured action or page and they all go to a blank page with no errors.
I can redirect to a non-secured page (the login screen by itself (not being redirected there)) but all the images are broken and the css is all messed up
When I view the source, its just a blank HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=Content-Type content="text/html; charset=windows-1252"></HEAD> <BODY></BODY></HTML>
And finally, im just using HTTP, no HTTPS
btw... the outside system is on a server and im having it connect to my box here for testing purposes and im running Borland Enterprise Server 5.2.1 if that helps at all. Im scratching my head for an answer to this thing.
Any ideas or more informationi required, then please let me know as I will be most greatful.
A blank screen usually means that the forward is null, in other words mapping.findForward is not successful.
I really really really recommend not naming Actions, GlobalForwards, and ActionForms so similar.
<global-forwards> <forward name="auth/transferProcess" path="/auth/transferProcess.do" redirect="true"/> </global-forwards> * Try to avoid the need for slashes here in the name attribute.
<action path="/transfer" type="comp.transferProcess" scope="session"/> * Scope is not needed
<action path="/auth/transferProcess" name="/auth/transferProcess" type="comp.transferProcess2" scope="session"/> * The form-bean is named /auth/transferProcess??? Again, avoid slashes.
A good workman is known by his tools.
Joined: Feb 15, 2005
SOrry... I forgot to remove the name attribute... there is no form bean with that as the name, but I removed them and the problem still remains. The question I would like answered is why it works for an internal JSP page and not for an outside page when both are hitting the initial unsecured action fine. I tried removing all the security and it still can't find the other action.
Originally posted by Beju Jones: ... The question I would like answered is why it works for an internal JSP page and not for an outside page when both are hitting the initial unsecured action fine.
How do you know they are both hitting the unsecured action fine?
Joined: Feb 15, 2005
I know because im looking through the log files and they are both hitting the unsecured action and then trying to forward onto the new page and this is when the security is supposed to kick in and redirect to the login page first before going to the page I initially requested.