wood burning stoves 2.0*
The moose likes Struts and the fly likes interceptors Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "interceptors" Watch "interceptors" New topic
Author

interceptors

chris locke
Greenhorn

Joined: Aug 13, 2010
Posts: 17
Hi gurus,

I have a hopefully quick question about interceptors. My example:

www.mysite.com/login.jsp
-user logs in and creates session data for the user, which then redirects to www.mysite.com/welcome.jsp

welcome.jsp has no associated actions. It is a basic jsp which integrates some session data variables.

if a user tries to deep link and access www.mysite.com/welcome.jsp directly without logging in first, what do I need to add into struts.xml to intercept this? I've only seen examples such as:



The above example only intercepts the action, correct? How do I intercept a page redirect?

Thanks.
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

An S2 application shouldn't ever see a JSP page directly, particularly if you want to use S2 functionality for said JSP pages. Is there any particular reason you need to access a JSP directly?
chris locke
Greenhorn

Joined: Aug 13, 2010
Posts: 17
David Newton wrote:An S2 application shouldn't ever see a JSP page directly, particularly if you want to use S2 functionality for said JSP pages. Is there any particular reason you need to access a JSP directly?


I'm not sure what you mean by that...

You're saying that the jsp should never be visible to the user? As in, the user should never know that "welcome.jsp" exists due to mapping? Or that S2 apps should never access jsp, period? As in, "<result name="error">Login.jsp</result>" is bad practice?
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

The former--the second one doesn't make any sense. Accessing a JSP through an action isn't accessing a JSP directly--it's accessing it through an action.
chris locke
Greenhorn

Joined: Aug 13, 2010
Posts: 17
Oh.. sorry. I'm still new to this so I wasn't sure what "direct" jsp access meant.

In my app the jsps aren't visible to the user. For example, the www.mysite.com/login.jsp page is accessed by the user with www.mysite.com/login. The user shouldn't be able to access the jsps directly, however here is my dilemna:

When the user goes to www.mysite.com I want them to automatically get redirected past the login page if valid session data already exists. So, I was advised to create a filter/interceptor that checks for valid session data when trying to access any content page, and redirect to the login page if it failed. My welcome file is currently:



I want it to intercept the access to welcome.jsp (any any other content jsp for that matter) and perform the session check.. I want the login action from the login.jsp page to bypass this interceptor since it creates the session data. Am I going about this all wrong? Is there a better way?
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

I don't know why you need to check the JSP itself.

Actions not requiring the login check should be configured to use an interceptor stack without it, those requiring the check shouldn't. The only JSP that might be accessed directly is a welcome page, which should redirect to an action, which would be covered by the appropriate interceptor stack.
chris locke
Greenhorn

Joined: Aug 13, 2010
Posts: 17
David Newton wrote:I don't know why you need to check the JSP itself.

Actions not requiring the login check should be configured to use an interceptor stack without it, those requiring the check shouldn't. The only JSP that might be accessed directly is a welcome page, which should redirect to an action, which would be covered by the appropriate interceptor stack.


Hmmm...ok. Well, the first part of what you said makes sense. The 2nd part about redirecting the welcome page to an action, how do I do that?

Thanks :)
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

Use an HTML meta refresh tag.
chris locke
Greenhorn

Joined: Aug 13, 2010
Posts: 17
I appreciate the help, but you've confused me thoroughly. I'll come back to this later
chris locke
Greenhorn

Joined: Aug 13, 2010
Posts: 17
So I found a way around this.

If the <welcome-file-list> is pointing to Login.jsp for example, you can add into Login.jsp the following:


I'm not sure if it's good practice to be doing so but if you're trying to call an action from the web.xml file, this works.
 
 
subject: interceptors
 
Similar Threads
Struts2 Interceptor Error in struts.xml file
It is possible to exclude interceptor for given action?
Problem with action + parameters
problem in configuring interceptor in struts.xml
struts2 login interceptor not finding session attribute of user details.