Win a copy of Svelte and Sapper in Action this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

Struts 2 Session question: Using session to see if user is logged in?

 
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello!

This is what I'm trying to achieve:

When I try to access a page in my webapp I want to be redirected to the login page if I'm not already logged in.

I understand that using sessions you can see if someone is logged in or not?
How is this done?
I've looked at the example at :http://struts.apache.org/2.x/docs/simplelogin-with-session.html
But I have some questions about what happens in the example:

1. The execute method in their LoginAction class:

This code snipped adds two new things to the current session, right?
Would the map contain the String and the Date that I added previously if I do "session = ActionContext.getContext().getSession()" directly after?
Could the key "context" be changed to "userBean" and the Date object be changed to a Bean?

2. The loginChecker.jsp:

Obviously the webworks tags could be changed to struts tags (<s:if test=""> etc).
But what does "login" in the code "#session.login" refer to? Obviously it's the name of something stored in the session, but they don't put anything into the session that is called "login" as far as I can see. Could it refer to the action? Since there is an action configured in the xwork.xml that is called "login".


3. Is it wise to put a code snippet, like the one below, in every action which renders a page I only want logged in users to access?

Then sending anyone with an ERROR result to the login page, and letting anyone with a SUCCESS result continue to the page.
Or is there a better way?

Thanks in advance,
Alia
 
Author
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
1) You can put anything you want into session, and call it anything you want. For basic servlet technology questions check out the servlets forum.

2) It's a typo.

3) No; that kind of code belongs in either an action base class or an interceptor.
 
Alia Huss
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you David.
I'll go ahead an write an interceptor.
And I'll go ahead and ask a question about the interceptor just to make sure that I've got it right.
It's the interceptors work to redirect the user to the login page if he/she isn't logged in, right?


Thanks
 
David Newton
Author
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's correct.
 
Alia Huss
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you so much!
It's working exactly the way I had imagined it.

Regards
Alia
 
Don't listen to Steve. Just read this tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
    Bookmark Topic Watch Topic
  • New Topic