[Stripes-users] encrypted parameter problem

Tue, 17 Sep 2013 16:54:22 -0700 

I have a login interceptor that redirects to a login page where necessary
with a "next" parameter set to the url that was just accessed, like so :


        if (user == null && LOGIN_NEEDED.contains(clazz)) {
            resolution = new RedirectResolution(Login.class);
            if (context.getRequest().getMethod().equalsIgnoreCase("GET")) {
                ((RedirectResolution)resolution).addParameter("next",
action.buildReturnUrl());
            }
        }

        return resolution;

buildReturnUrl is defined in my base action class as :

    public String buildReturnUrl() {
        try {
            HttpServletRequest req = getContext().getRequest();
            ActionResolver resolver =
StripesFilter.getConfiguration().getActionResolver();

             ActionBean bean = resolver.getActionBean(this.context,
req.getRequestURI());
            String urlBinding = resolver.getUrlBinding(bean.getClass());

            UrlBuilder builder = new UrlBuilder(req.getLocale(),
urlBinding, true);
            builder.addParameters(req.getParameterMap());

            return builder.toString();
        }
        catch (StripesServletException ex) {
            throw new RuntimeException("failed to build url", ex);
        }
    }

(I resorted to this as opposed to the method shown in the Stripes book
because it does not handle clean urls properly. If you have a binding such
as "/some/path/{id}", you end up with "/some/path/foo?id=foo").

However, URLBuilder is encrypting the parameters as it builds so what is
already encrypted turns into a broken value. Since all the methods to
modify the request map in StripesRequestWrapper throw
UnsupportedOperationExceptions, I can't decrypt the encrypted parameters
(known parameter names) and then replace them so they get re-encrypted
properly by the URLBuilder.

How can I modify the request parameters to fix the double encoding issue?

Thanks

Chris

------------------------------------------------------------------------------
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13. 
http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users

Reply via email to