I'm a stripes newbie, but I just ran into this same issue and here's what I
came up with:
public class MySecurityManager extends J2EESecurityManager implements
SecurityHandler
{
// etc
@SuppressWarnings("unchecked")
@Override // from org.stripesstuff.plugin.security.SecurityHandler
public Resolution handleAccessDenied(ActionBean bean, Method handler)
{
// get the path we came from and use urlbuilder to append any clean url
params to it
String path =
UrlBindingFactory.getInstance().getBinding(bean.getContext().getRequest()).getPath();
UrlBuilder urlBuilder = new
UrlBuilder(bean.getContext().getRequest().getLocale(), path, false);
urlBuilder.addParameters(bean.getContext().getRequest().getParameterMap());
// authenticated and access denied = user not in roles allowed
if (this.isUserAuthenticated(bean, handler))
{
log.debug("User: " +
this.getSecurityContext(bean).getUserPrincipal().getName() + " failed
authorization from: " + path);
return new RedirectResolution("/error");
}
return new RedirectResolution("/login?from=" +
StringUtil.urlEncode(urlBuilder.toString()));
}
also I discovered that using the form tag with url bindings that have params
in them requires you to use the param tag to get the value into the action
url... like so:
<stripes:form beanclass="com.myapp.action.ExampleActionBean" method="post">
<c:if test="${not empty actionBean.id}">
<stripes:param name="id" value="${actionBean.id}"></stripes:param>
</c:if>
..etc
I hope that helps, and like I said I'm pretty new to stripes so there may be
other ways to go with this.
On Thu, Apr 23, 2009 at 6:54 PM, otismo <[email protected]> wrote:
>
> Why does my request url get truncated? And what is the correct way to
> redirect/forward a user to their originally requested url after a login?
>
> I'm trying to set up a security interceptor that will authenticate a user
> that hasn't yet been authenticated. I'm mirroring the interceptor setup in
> the stripes "intercept execution" how to. If a user hasn't logged in, he
> gets forwarded to the login action bean. I pass along the original target
> url, so the login action bean can forward the user to the right page after
> login. My problem is that the target url gets truncated so that I can't
> use
> it to forward a user after login.
>
> Say my request url is: /subpath1/subpath2, the request url returned from
> actionBeanContext().getRequest().getServletPath() is /subpath1. The path
> gets truncated even whether or not the interceptor is invoked. The url
> binding for my action bean is:
> @UrlBinding("/subpath1/subpath2/{$event}")
>
> The url also gets truncated to /subpath1 if the original request is
> /subpath1/subpath2/view.
>
> This must be a standard procedure, but I couldn't locate a how to or any
> posts on it. Is it too basic? :)
>
> Thanks for any tips,
> Peter
> --
> View this message in context:
> http://www.nabble.com/security-interceptor-tp23208429p23208429.html
> Sent from the stripes-users mailing list archive at Nabble.com.
>
>
>
> ------------------------------------------------------------------------------
> Crystal Reports - New Free Runtime and 30 Day Trial
> Check out the new simplified licensign option that enables unlimited
> royalty-free distribution of the report engine for externally facing
> server and web deployment.
> http://p.sf.net/sfu/businessobjects
> _______________________________________________
> Stripes-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/stripes-users
>
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensign option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Stripes-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/stripes-users
