Hi everyone,
I almost finish my project but I have one more problem: "session lost".
I save a session variable named "username" in ProcessLogonFormAction before
I use findForward("homepage") to go to my homepage "homepage.jsp" through
the action DisplayHomePageAction. DisplayHomePageAction will check the
existence of the session variable "username" to decide whether to forward
the request to the homepage.
For the first time, I can see homepage.jsp after clicking the submit
button of the logon.jsp and so DisplayHomePageAction can see the correct
session varaible "username". However, when I click a link that runs
DisplayHomePageAction again, it shows the logon page instead of homepage.jsp
because the session variable "username" is lost. In debugger, I see the
session ID is different between Step 6 and Step 7 . I don't think I have
used session.removeAttribute() and session.invalidate().
Here is my program flow:
1. DisplayLogonFormAction => 2. logon.jsp => 3. click submit => 4.
ProcessLogonFormAction => 5. DisplayHomePageAction => 6.homepage.jsp
=>7. DisplayHomePageAction => 8.homepage.jsp
Is it related to URL not encoded (JSession ID)? Can someone show me how
to make it work?
Thank you
Jason
=============================BEGIN=========================================
public ActionForward perform(ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws IOException, ServletException {
Locale locale = getLocale(request);
MessageResources messages = getResources();
HttpSession session = request.getSession();
ActionErrors errors = new ActionErrors();
com.epson.auth.LogonForm lfb = (com.epson.auth.LogonForm) form;
String username = lfb.getUsername();
String password = lfb.getPassword();
// Remove the obsolete form bean
if (mapping.getAttribute() != null) {
if ("request".equals(mapping.getScope()))
request.removeAttribute(mapping.getAttribute());
else
session.removeAttribute(mapping.getAttribute());
}
if (!isTokenValid(request))
{
System.out.println("(ProcessLogonFormAction.java - perform)
isTokenValid is false=>add error");
errors.add(ActionErrors.GLOBAL_ERROR, new
ActionError("error.transaction.token"));
}
if (!errors.empty())
{
saveErrors(request, errors);
saveToken(request);
return (new ActionForward(mapping.getInput()));
}
else
{
System.out.println("(ProcessLogonFormAction.java - perform) error
is empty=>resetToken, set session");
resetToken(request);
session.setAttribute("username",username); // extra
**********************************
System.out.println("(ProcessLogonFormAction.java - perform)
username=" + session.getAttribute("username"));
return (mapping.findForward("homepage"));
}
}
=============================END===========================================
