Re: Fwd: Re: Struts2 login action class seems to be reused
Hi Norbert, Struts1 actions are thread safe (no instance variables). The login action has been moved to Struts2 with instance variables for username, password and the issue is coming up with this new struts2 action. Which is used for both displaying login page and also taking username/password when the form is submitted. Thanks, Prasanth On 3/2/2018 5:55 PM, Norbert Hirneisen wrote: Hi Prasanth, are you sure all your struts1 code is thread safe ? I had some similiar problems in a struts1 application. After removing all action class properties the problem was solved. Struts2 should be thread safe. But your problems looks to me like a problem with thread safety. Best regards, Norbert science + communication & HaNo Systems Bonn/Ho-Chi-Minh Am 02.03.2018 um 22:07 schrieb Prasanth Pasala: I was able to replicate the issue today. Asked few users to keep logging in and ran jmeter to access login page, with out putting any username or password. Out of the 100 attempts 2 attempts were successful in getting in with out username/password. I am seeing database login entries for these two. Which would happen only if a valid session is not present and user has provided username/password. Thanks, Prasanth On 03/01/2018 02:27 PM, Prasanth wrote: Hi, I have an application which uses both struts1 & struts2. The login action was recently moved to struts2. Immediately after the deployment we were notified that one user is seeing a different user information, so we had to move to older war files. I am not able to replicate it. But after investigating the logs it seems like couple users were logged in as soon as they requested the login page. For the database entry to happen it has to verify the username and password in the action class, but the fact that there is no POST entry at that time from that IP in my access log makes me believe that the action class some how already had that information from a prior user. I do have a login filter to check if users are logged in when accessing other pages. In this filter I have the below two lines, we had to do this as we will have requests forwarded from one application to another and when that happens we are getting class cast exception for ActionMapping class and valueStack. Not sure if the behavior is a side effect of having the below lines. request.setAttribute("struts.actionMapping", new ActionMapping()); request.setAttribute("struts.valueStack", null); We are using Struts 2.3.34 and Wildfly. Appreciate any insights you might have. Thanks, Prasanth - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
Re: Dynamically generating multiple sets of radio buttons
On 2/27/2018 4:37 PM, Dave Weis wrote: > value="1500"/>HOTTER > public void setVariation(HashMapvariationItem){ > > logger.error("setVariation was called with variations"); > > for (Map.Entry entry : variationItem.entrySet()) { > String key = entry.getKey(); > String value = entry.getValue(); > > logger.error(key + "=" + value); > } > > > } > Is my method signature incorrect? Thank you! I guess Struts wont call setVariation for e.g. variation[2000]=HOTTER. Instead I guess it calls getVariation().put(2000, "HOTTER"); maybe you should use Map for defining variation instead with java simple getter and setter. Regards.
Fwd: Re: Struts2 login action class seems to be reused
Hi Prasanth, are you sure all your struts1 code is thread safe ? I had some similiar problems in a struts1 application. After removing all action class properties the problem was solved. Struts2 should be thread safe. But your problems looks to me like a problem with thread safety. Best regards, Norbert science + communication & HaNo Systems Bonn/Ho-Chi-Minh Am 02.03.2018 um 22:07 schrieb Prasanth Pasala: I was able to replicate the issue today. Asked few users to keep logging in and ran jmeter to access login page, with out putting any username or password. Out of the 100 attempts 2 attempts were successful in getting in with out username/password. I am seeing database login entries for these two. Which would happen only if a valid session is not present and user has provided username/password. Thanks, Prasanth On 03/01/2018 02:27 PM, Prasanth wrote: Hi, I have an application which uses both struts1 & struts2. The login action was recently moved to struts2. Immediately after the deployment we were notified that one user is seeing a different user information, so we had to move to older war files. I am not able to replicate it. But after investigating the logs it seems like couple users were logged in as soon as they requested the login page. For the database entry to happen it has to verify the username and password in the action class, but the fact that there is no POST entry at that time from that IP in my access log makes me believe that the action class some how already had that information from a prior user. I do have a login filter to check if users are logged in when accessing other pages. In this filter I have the below two lines, we had to do this as we will have requests forwarded from one application to another and when that happens we are getting class cast exception for ActionMapping class and valueStack. Not sure if the behavior is a side effect of having the below lines. request.setAttribute("struts.actionMapping", new ActionMapping()); request.setAttribute("struts.valueStack", null); We are using Struts 2.3.34 and Wildfly. Appreciate any insights you might have. Thanks, Prasanth - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
Re: Struts2 login action class seems to be reused
I was able to replicate the issue today. Asked few users to keep logging in and ran jmeter to access login page, with out putting any username or password. Out of the 100 attempts 2 attempts were successful in getting in with out username/password. I am seeing database login entries for these two. Which would happen only if a valid session is not present and user has provided username/password. Thanks, Prasanth On 03/01/2018 02:27 PM, Prasanth wrote: > Hi, > > I have an application which uses both struts1 & struts2. The login action was > recently moved to struts2. Immediately after the deployment we were notified > that one user is seeing a different user > information, so we had to move to older war files. I am not able to replicate > it. But after investigating the logs it seems like couple users were logged > in as soon as they requested the login page. > For the database entry to happen it has to verify the username and password > in the action class, but the fact that there is no POST entry at that time > from that IP in my access log makes me believe > that the action class some how already had that information from a prior user. > > I do have a login filter to check if users are logged in when accessing other > pages. In this filter I have the below two lines, we had to do this as we > will have requests forwarded from one > application to another and when that happens we are getting class cast > exception for ActionMapping class and valueStack. Not sure if the behavior is > a side effect of having the below lines. > > request.setAttribute("struts.actionMapping", new > ActionMapping()); > request.setAttribute("struts.valueStack", null); > > We are using Struts 2.3.34 and Wildfly. > > Appreciate any insights you might have. > > Thanks, > Prasanth > >
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
https://issues.apache.org/jira/projects/WW/issues/WW-4904 Forwarded using request dispatcher. ServletContext sContext = context.getContext("/context2"); RequestDispatcher rd = sContext.getRequestDispatcher(resource); rd.forward(request, response); Thanks, Prasanth On 03/02/2018 09:31 AM, Lukasz Lenart wrote: > 2018-03-02 15:16 GMT+01:00 Prasanth: >> There are two applications on different contexts. Each have their own struts >> jars. The exception happens when a request to one context is forwarded to >> another context. > What do you mean by "forwarded"? > > > Regards
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
2018-03-02 15:16 GMT+01:00 Prasanth: > There are two applications on different contexts. Each have their own struts > jars. The exception happens when a request to one context is forwarded to > another context. What do you mean by "forwarded"? Regards -- Łukasz + 48 606 323 122 http://www.lenart.org.pl/ - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
There are two applications on different contexts. Each have their own struts jars. The exception happens when a request to one context is forwarded to another context. Thanks, Prasanth On 03/02/2018 01:13 AM, Lukasz Lenart wrote: > 2018-03-01 20:20 GMT+01:00 Prasanth: >> 13:17:52,070 ERROR [stderr] (default task-59) Caused by: >> java.lang.ClassCastException: com.opensymphony.xwork2.ognl.OgnlValueStack >> cannot be cast to com.opensymphony.xwork2.util.ValueStack > You have two the same JARs on a class path but in different versions > (probably xwork-core-*.jar) or JARs were loaded by different > classloaders which means some framework's JARs were included inside > Wildfly > > > Regards
Re: Jsp fields are null at startup
2018-03-02 13:31 GMT+01:00 albert kao: > My jsp fields username and password are null at startup (jsp page is > loaded). > Why? > That make the "Invalid Username/Password. Please try again." message appear > when the page is loaded. > How to fix that? Use two methods: - execute() to display a form - authenticate() to perform validation and login action You must understand that flow in Struts is as follow: request -> action -> jsp so even opening a page, the execute() method is called Regards -- Łukasz + 48 606 323 122 http://www.lenart.org.pl/ - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
Jsp fields are null at startup
My jsp fields username and password are null at startup (jsp page is loaded). Why? That make the "Invalid Username/Password. Please try again." message appear when the page is loaded. How to fix that? Login.jsp <%@ page contentType="text/html; charset=UTF-8"%> <%@ taglib prefix="s" uri="/struts-tags"%> Struts 2 - Login Application | ViralPatel.net Struts 2 - Login Application LoginAction.java import com.opensymphony.xwork2.ActionSupport; public class LoginAction extends ActionSupport { private String username; private String password; public String authenticate() { return execute(); } public String execute() { if ((username != null) && (password != null) && this.username.equals("admin") && this.password.equals("admin123")) { return "success"; } else { addActionError(getText("error.login")); return "error"; } } public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } }