When I try to access a page in my webapp I want to be redirected to the login page if I'm not already logged in.
I understand that using sessions you can see if someone is logged in or not?
How is this done?
I've looked at the example at :http://struts.apache.org/2.x/docs/simplelogin-with-session.html
But I have some questions about what happens in the example:
1. The execute method in their LoginAction class:
This code snipped adds two new things to the current session, right?
Would the map contain the String and the Date that I added previously if I do "session = ActionContext.getContext().getSession()" directly after?
Could the key "context" be changed to "userBean" and the Date object be changed to a Bean?
2. The loginChecker.jsp:
Obviously the webworks tags could be changed to struts tags (<s:if test=""> etc).
But what does "login" in the code "#session.login" refer to? Obviously it's the name of something stored in the session, but they don't put anything into the session that is called "login" as far as I can see. Could it refer to the action? Since there is an action configured in the xwork.xml that is called "login".
3. Is it wise to put a code snippet, like the one below, in every action which renders a page I only want logged in users to access?
Then sending anyone with an ERROR result to the login page, and letting anyone with a SUCCESS result continue to the page.
Or is there a better way?
1) You can put anything you want into session, and call it anything you want. For basic servlet technology questions check out the servlets forum.
2) It's a typo.
3) No; that kind of code belongs in either an action base class or an interceptor.
posted 11 years ago
Thank you David.
I'll go ahead an write an interceptor.
And I'll go ahead and ask a question about the interceptor just to make sure that I've got it right.
It's the interceptors work to redirect the user to the login page if he/she isn't logged in, right?