It's not part of struts but judging merely from its name, it's obviously built into the app security. What does xpetstore say it's meant to do? Have you checked the filter's javadoc?
Adam
On 03/25/2004 10:07 PM Martin Alley wrote:
Hi,
I've got a struts based app using form based authentication (started out as xpetstore).
I have a situation where if I'm on a web form protected by role based security, and the session times out, and then I submit the form, I get to the login page, login, but then the original form data is lost.
According to the log data, it's looking for an ActionForm of a different name according to whether the session has timed out or not!!!
I thought this stuff was statically configured.
When there is no time out, the log looks like this:
2004-03-25 19:40:19,350 INFO [xpetstore.web.filter.SignOnFilter] doFilter()
2004-03-25 19:40:19,350 DEBUG [xpetstore.web.filter.SignOnFilter] user=bug1b
2004-03-25 19:40:19,350 DEBUG [xpetstore.web.filter.SignOnFilter] isSignedIn=true
2004-03-25 19:40:19,350 DEBUG [xpetstore.web.filter.SignOnFilter] uri=/MotoringMemorabilia/updateCustomer.jspa
2004-03-25 19:40:19,350 DEBUG [xpetstore.web.filter.SignOnFilter] _login=/login.jspa
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /updateCustomer.jspa
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.action.RequestProcessor] Processing a 'POST' for path '/updateCustomer'
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] Looking for ActionForm bean instance in scope 'request' under attribute key 'existingCustomerForm'
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] Creating new ActionForm instance of type 'xpetstore.web.struts.action.customer.ExistingCustomerForm'
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] --> [EMAIL PROTECTED]
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.action.RequestProcessor] Storing ActionForm bean instance in scope 'request' under attribute key 'existingCustomerForm'
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.action.RequestProcessor] Populating bean properties from this request
2004-03-25 19:40:19,360 DEBUG [org.apache.struts.action.RequestProcessor] Validating input form properties
2004-03-25 19:40:19,370 DEBUG [org.apache.struts.action.RequestProcessor] No errors detected, accepting input
2004-03-25 19:40:19,370 DEBUG [org.apache.struts.action.RequestProcessor] Looking for Action instance for class xpetstore.web.struts.action.customer.UpdateCustomerAction
2004-03-25 19:40:19,370 DEBUG [org.apache.struts.action.RequestProcessor] Creating new Action instance
2004-03-25 19:40:19,370 INFO [xpetstore.web.struts.action.customer.UpdateCustomerAction] execute()
When there is a timeout the log goes like this:
2004-03-25 20:10:56,908 DEBUG [org.apache.struts.util.RequestUtils] Looking for ActionForm bean instance in scope 'request' under attribute key 'newCustomerForm'
2004-03-25 20:10:56,908 DEBUG [org.apache.struts.util.RequestUtils] Creating new ActionForm instance of type 'xpetstore.web.struts.action.customer.NewCustomerForm'
2004-03-25 20:10:56,908 DEBUG [org.apache.struts.util.RequestUtils] --> [EMAIL PROTECTED]
2004-03-25 20:10:56,918 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /index.jsp
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /cart.jspa
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /signon.jspa
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /search.jspa
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Looking for ActionForm bean instance in scope 'request' under attribute key 'searchForm'
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Creating new ActionForm instance of type 'xpetstore.web.struts.action.product.SearchForm'
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] --> [EMAIL PROTECTED]
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /index.jsp
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /category.jspa?categoryId=SIGNS
The relevant action configuration looks like this:
<action
path="/updateCustomer"
type="xpetstore.web.struts.action.customer.UpdateCustomerAction"
name="existingCustomerForm"
scope="request"
input="/myaccount.jsp"
unknown="false"
validate="true"
>
<set-property
property="secure"
value="true"
/>
<forward
name="success"
path="/index.jsp"
redirect="false"
/>
<forward
name="error"
path="/myaccount.jsp"
redirect="false"
/>
The form that is posted is declared in html like this:
<form name="existingCustomerForm" method="post" action="/MotoringMemorabilia/updateCustomer.jspa">
I need to understand the interplay between container (form) based authentication, filters and struts actionservlet.
Can anyone shed some light?
Thanks
Martin
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- struts 1.1 + tomcat 5.0.16 + java 1.4.2 Linux 2.4.20 Debian
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
