You could dispense with changing/extending the controller by creating an
abstract action layer that defines a new abstract method such as
performAction() which returns an actionforward obj like perform() .
Your perform method in the abstract class then carries out the validaton if
it is ok it call the abstract method. Otherwise it forwards to an error page
(or anywhere)
Your secure actions extend from your abstract authentication action and
implement the abstract method with your processing etc.
The benefits of this are:
that you can specify additional parameters in you abstract method eg a db
connection from your pool or authenticated user object. Of course you still
pass the struts stuff down to the abstract method as well (request response
mapping etc).
You can manage the db connection(if you pass one down) and exception
handling in extensions of this class from the abstract class with try catch
finally etc with out having to repeat code in every action class
Also it means that you can leave the controller servlet alone - this sits on
top of strut controller/actions
eg:
public abstract class secureAction extends action {
public actionforward perform(req,res,etc...)
try
// carry out validation/authentication
if valid
return performAction(req,res etc PLUS any other objs you need/want
in subclass implementations ie db connection);
else
KICK USER OUT
catch throwable
log exception; forward to errorpage
rollback db connection (there is one
finally
release resources etc
}
//NEW ABSTRACT METHOD
public abstract actionforward performAction(req,res etc PLUS any other objs
you need/want in subclass implementations);
}
public class SecureExtensionAction extends secureAction {
//implementation of abstract method
public ActionForward performaction(params inherited from superclass)throws
throwable {
do processing withou having to manage resources this is taken care of by
superclass
}
}
HTH!
Jin
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
