We were going to implement this today or early next week :-)...looking at
the code, I feel you don't need to extend ActionServlet at all. Instead the
filter will create the request before forwarding to the ActionServlet.
public class LoginFilter implements Filter {
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
ServletContext context = filterConfig.getServletContext();
If ( !loggedIn ) {
// save all parameters to session
// save current URI as REDIRECT_URI in session
// redirect to login action
} else if ( redirectUriIsSet ) {
RedirectServletRequest newreq = new
RedirectServletRequest(request);
Chain.doFilter(newreq, response);
}
}
Thanks
-- pady
[EMAIL PROTECTED]
-----Original Message-----
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: Friday, March 26, 2004 10:35 AM
To: 'Struts Users Mailing List'
Subject: RE: How does ActionForm data pass through container called form
based login page?
Paddy,
Looks like you've been here before!! :-)
It'll take me a bit of time to digest this, but I'll have a look.
Does this actually work for you?
Thanks
Martin
-----Original Message-----
From: Pady Srinivasan [mailto:[EMAIL PROTECTED]
Sent: 26 March 2004 15:21
To: Struts Users Mailing List
Subject: RE: How does ActionForm data pass through container called form
based login page?
This is the only solution I can think of:
public class RedirectServletRequest extends HttpServletRequest {
public RedirectServletRequest(HttpServletRequest req) {
this.request = req;
}
public String getParameter(String name) {
if ( request.getParameter(name) == null ) {
String paramVal = (String)request.getSession().
getAttribute("TEMP_SAVED_PARAM");
request.getSession().removeAttribute("TEMP_SAVED_PARAM");
return paramVal;
}
return (String)request.getParameter(name);
}
// override all other methods using the delegate request
}
public class RedirectActionServlet extends ActionServlet {
public void doPost(HttpServletRequest request, ...) {
process(new RedirectActionServlet(request), response);
}
public void doGet(HttpServletRequest request, ...) {
process(new RedirectActionServlet(request), response);
}
}
public class LoginFilter implements Filter {
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
ServletContext context = filterConfig.getServletContext();
If ( !loggedIn ) {
// save all parameters to session
// save current URI as REDIRECT_URI in session
// redirect to login action
}
}
public class LoginAction extends Action {
public void execute(...) {
// do login
// login success
// redirect to REDIRECT_URI
}
}
Thanks
-- pady
[EMAIL PROTECTED]
-----Original Message-----
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: Friday, March 26, 2004 8:59 AM
To: 'Struts Users Mailing List'
Subject: RE: How does ActionForm data pass through container called form
based login page?
Well I've just simplified by login form - plain html - no struts stuff
going on.
I've also simplified the filter so detects a fresh logon and starts a
session accordingly - no longer any redirecting to LoginAction.
However the critical behaviour is still the same - existingCustomerForm
- the one I need to survive the login process still ends up getting
trashed.
I'm wondering if I have to make every form (that might span a session
timeout) part of the login page so that it stays alive - this sounds
like a ridiculous solution. Has anyone else got a solution?
Thanks
Martin
-----Original Message-----
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 26 March 2004 09:41
To: [EMAIL PROTECTED]
Subject: How does ActionForm data pass through container called form
based login page?
Hi,
Suppose I've got a web based form that posts data to an action, and I
have that action protected by container form based authorization - how
does the ActionForm data get through.
I have a situation like this, and my ActionForm is empty after I've been
through the form-based login page.
One could say - stick the input form in the constrained area also, so
the login page doesn't come between the input form and the action that
processes it - but this is actually occurring when a session times out
whilst sitting at the input form.
Thanks
Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
______________________________________________________________________
This e-mail has been scanned by the Heroix e-mail security system
______________________________________________________________________
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
______________________________________________________________________
This e-mail has been scanned by the Heroix e-mail security system
______________________________________________________________________
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
