[ http://mc4j.org/jira/browse/STS-223?page=comments#action_10379 ]
Brian Nørremark commented on STS-223: ------------------------------------- Hm, I can´t replicate this - must have had an off day the day I created this. btw - what about adding a lifecyclestage prior to ActionBeanResolution - "IncommingRequest" or something, that would affect not only ActionBeans, but also JSPs? This would allow Interceptors to deal with JSPs too, this would allow implementation of security-filters with the Stripes architecture. > Returned Resolution in Interceptors has no effect > ------------------------------------------------- > > Key: STS-223 > URL: http://mc4j.org/jira/browse/STS-223 > Project: Stripes > Type: Bug > Components: ActionBean Dispatching > Versions: Release 1.3.2 > Reporter: Brian Nørremark > Assignee: Tim Fennell > > A very boiled down Interceptor: > public class MyInterceptor implements Interceptor { > public Resolution intercept(ExecutionContext context) throws Exception { > Resolution proceed = context.proceed(); > > return new RedirectResolution("/index.jsp"); > } > } > I expected this redirects me to index.jsp, however the proceed-Resolution > overrides this. > Also - the documentation needs a little work on the Security-example. I > propose the following example instead: > @Intercepts(LifecycleStage.HandlerResolution) > public class SecurityInterceptor implements Interceptor { > /** Intercepts execution and checks that the user has appropriate > permissions. */ > public Resolution intercept(ExecutionContext ctx) throws Exception { > if (isPermitted(ctx.getActionBean(), ctx.getActionBeanContext()) { > return context.proceed(); > } else if (loggedIn(ctx.getActionBeanContext()) { > return new RedirectResolution("/security/Unauthorized.jsp"); > } else { > return new RedirectResolution("/security/Login.jsp"); > } > } > /** Returns true if the user is logged in. */ > protected boolean isLoggedIn(ActionBeanContext ctx) { > return ((MyActionBeanContext) ctx).getUser() != null; > } > /** Returns true if the user is permitted to invoke the event requested. > */ > protected boolean isPermitted() { ... } > } -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://mc4j.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Stripes-development mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/stripes-development
