Adam Hardy
Thu, 25 Mar 2004 13:19:38 -0800
Hi,
I've got a struts based app using form based authentication (started out as xpetstore).
I have a situation where if I'm on a web form protected by role based security, and the session times out, and then I submit the form, I get to the login page, login, but then the original form data is lost.
According to the log data, it's looking for an ActionForm of a different name according to whether the session has timed out or not!!!
I thought this stuff was statically configured.
When there is no time out, the log looks like this:
2004-03-25 19:40:19,350 INFO [xpetstore.web.filter.SignOnFilter] doFilter()
2004-03-25 19:40:19,350 DEBUG [xpetstore.web.filter.SignOnFilter] user=bug1b
2004-03-25 19:40:19,350 DEBUG [xpetstore.web.filter.SignOnFilter] isSignedIn=true
2004-03-25 19:40:19,350 DEBUG [xpetstore.web.filter.SignOnFilter] uri=/MotoringMemorabilia/updateCustomer.jspa
2004-03-25 19:40:19,350 DEBUG [xpetstore.web.filter.SignOnFilter] _login=/login.jspa
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /updateCustomer.jspa
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.action.RequestProcessor] Processing a 'POST' for path '/updateCustomer'
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] Looking for ActionForm bean instance in scope 'request' under attribute key 'existingCustomerForm'
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] Creating new ActionForm instance of type 'xpetstore.web.struts.action.customer.ExistingCustomerForm'
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.util.RequestUtils] --> [EMAIL PROTECTED]
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.action.RequestProcessor] Storing ActionForm bean instance in scope 'request' under attribute key 'existingCustomerForm'
2004-03-25 19:40:19,350 DEBUG [org.apache.struts.action.RequestProcessor] Populating bean properties from this request
2004-03-25 19:40:19,360 DEBUG [org.apache.struts.action.RequestProcessor] Validating input form properties
2004-03-25 19:40:19,370 DEBUG [org.apache.struts.action.RequestProcessor] No errors detected, accepting input
2004-03-25 19:40:19,370 DEBUG [org.apache.struts.action.RequestProcessor] Looking for Action instance for class xpetstore.web.struts.action.customer.UpdateCustomerAction
2004-03-25 19:40:19,370 DEBUG [org.apache.struts.action.RequestProcessor] Creating new Action instance
2004-03-25 19:40:19,370 INFO [xpetstore.web.struts.action.customer.UpdateCustomerAction] execute()
When there is a timeout the log goes like this:
2004-03-25 20:10:56,908 DEBUG [org.apache.struts.util.RequestUtils] Looking for ActionForm bean instance in scope 'request' under attribute key 'newCustomerForm'
2004-03-25 20:10:56,908 DEBUG [org.apache.struts.util.RequestUtils] Creating new ActionForm instance of type 'xpetstore.web.struts.action.customer.NewCustomerForm'
2004-03-25 20:10:56,908 DEBUG [org.apache.struts.util.RequestUtils] --> [EMAIL PROTECTED]
2004-03-25 20:10:56,918 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /index.jsp
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /cart.jspa
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /signon.jspa
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /search.jspa
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Looking for ActionForm bean instance in scope 'request' under attribute key 'searchForm'
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Creating new ActionForm instance of type 'xpetstore.web.struts.action.product.SearchForm'
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] --> [EMAIL PROTECTED]
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /index.jsp
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Module name found: default
2004-03-25 20:10:56,928 DEBUG [org.apache.struts.util.RequestUtils] Get module name for path /category.jspa?categoryId=SIGNS
The relevant action configuration looks like this:
<action
path="/updateCustomer"
type="xpetstore.web.struts.action.customer.UpdateCustomerAction"
name="existingCustomerForm"
scope="request"
input="/myaccount.jsp"
unknown="false"
validate="true"
>
<set-property
property="secure"
value="true"
/>
<forward
name="success"
path="/index.jsp"
redirect="false"
/>
<forward
name="error"
path="/myaccount.jsp"
redirect="false"
/>
The form that is posted is declared in html like this:
<form name="existingCustomerForm" method="post" action="/MotoringMemorabilia/updateCustomer.jspa">
I need to understand the interplay between container (form) based authentication, filters and struts actionservlet.
Can anyone shed some light?
Thanks
Martin
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- struts 1.1 + tomcat 5.0.16 + java 1.4.2 Linux 2.4.20 Debian
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]