• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

struts2 login interceptor not finding session attribute of user details.

 
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am New to struts2 framework. I have created a login interceptor which will intercept every action to make sure user object in session, if not, redirect to login page or creates user if request coming from login page.

My Interceptor Code :
public String intercept(ActionInvocation invocation) throws Exception {
System.out.println("Interceptor method calling...");
final ActionContext context=invocation.getInvocationContext();
HttpServletRequest request= HttpServletRequest)context.get(HTTP_REQUEST);
HttpSession session=request.getSession(true);
Object user=request.getParameter(USER_HANDLE);
if(user==null){
String loginAttempt=null;
loginAttempt=(String)session.getAttribute(LOGIN_ATTEMPT);
if(loginAttempt==null){
if (processLoginAttempt (request, session) ) {
return "login-success";
} else {
Object action = invocation.getAction ();
if (action instanceof com.opensymphony.xwork2.ValidationAware) {
((com.opensymphony.xwork2.ValidationAware) action).addActionError ("Username or password incorrect.");
}
}

}
return "login";
}else{ //user already logged in ..continue with requested
return invocation.invoke();
}
}

private boolean processLoginAttempt(HttpServletRequest request, HttpSession session) {
String username = request.getParameter (USERNAME);
String password = request.getParameter (PASSWORD);
Object user = SecurityManager.login (username, password);
if (user != null) {
session.setAttribute (USER_HANDLE, user);
return true;
} else {
return false;
}
}

My Interceptor stock:
<interceptor name="login" class="com.struts.interceptor.login.LoginInterceptor"/>
<interceptor-stack name="defaultLoginStack">
<interceptor-ref name="servlet-config" />
<interceptor-ref name="params" />
<interceptor-ref name="login" />
<interceptor-ref name="prepare" />
<interceptor-ref name="chain" />
<interceptor-ref name="model-driven" />
<interceptor-ref name="fileUpload" />
<interceptor-ref name="static-params" />
<interceptor-ref name="params" />
<interceptor-ref name="conversionError" />
<interceptor-ref name="validation" />
<interceptor-ref name="workflow" />
</interceptor-stack>
My Actions :
<action name="ShowLogin">
<result>/jsp/login.jsp</result>
</action>
<action name="displayAllBranches" class="com.struts.action.organization.BranchAction" method="getAllBranches">
<result name="success">/jsp/branchList.jsp</result>
</action>
For every request my interceptor calling properly, but it couldn't find the USER_HANDLE attribute in session after second action call so returning to login page. i am not able to figure out why my session attribute removing from value stack? Any clue would be greatly appreciated.
 
Ranch Hand
Posts: 349
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm a little confused here. The only place in this code that I see you trying to find USER_HANDLE you are checking the request object for it. But when you create a value that you tie to USER_HANDLE you store it in the session object.

Is the code that you are using to check the vaule of USER_HANDLE that is stored in the session object not posted here? If so, please post it. If not then I think the problem is that you are using request.getParameter(USER_HANDLE);
rather than session.getAttribute (USER_HANDLE, user);
 
prveen dhannapuneni
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Tom. this is my coding mistake, i have used request object instead of session object to lookup the user object. Once again thanks for help.
 
reply
    Bookmark Topic Watch Topic
  • New Topic