Re: Form handling by direct URL in Struts 1.3.8

Wed, 13 Jun 2012 09:16:30 -0700

i know that. My question was how we handle such direct URL. Like in this case. Is there any mechanism to prevent? 

On 6/13/2012 12:07 PM, Jason Zheng wrote:

That's the problem, when you type the URL directly, the
LoginSubmitAction.execute() method will not be invoked, so the 'userinfo'
is not exits in any scope.

On Wed, Jun 13, 2012 at 11:58 PM, Anjib Mulepati<anji...@hotmail.com>wrote:


User info is put into session after they log in so its in
LoginSubmitAction class.

public class LoginSubmitAction extends org.apache.struts.action.**Action {

    private static final String ERROR = "errorFront";


    private static final String SUCCESS = "success";

    private static Log log = LogFactory.getLog("**LoginSubmitAction");


     @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception {

        LoginForm loginForm = (LoginForm) form;
        String forwardPath = (String) request.getSession().**
getAttribute("forwardPath");
        String userName = loginForm.getUserName().**toLowerCase();
        String passWord = loginForm.getPassword();
        UserInfo userInfo = new UserInfo();

        ActionForward objAxFrwd = null;
        try {
            /* Authenticate user */

            UserDelegate userDelegate = new UserDelegate(userName, null);
            userDelegate.validateUser(**userName, passWord);
            log.info("User authenticated: " + userName);

            /* Get user profile and store in beans then to session variable
*/
            UserProfileInfo userProfileInfo = userDelegate.getUserProfile(*
*userName);
            userInfo.setUserName(**userProfileInfo.getUserName())**;
//Currently username is same as email address.
            userInfo.setPassword(passWord)**;
            userInfo.setFirstName(**userProfileInfo.getFirstName()**);
            userInfo.setLastName(**userProfileInfo.getLastName())**;
            userInfo.setEmail(**userProfileInfo.getEmail());
            userInfo.setPhone(**userProfileInfo.getPhone());



        } catch (BusinessDelegateException e) {
            /* User not authenticated */
            log.error(e.getErrorCode() + ": User not authenticated: " +
userName);

            ActionErrors errors = new ActionErrors();
            errors.add("error", new ActionMessage(e.getMessage(), false));
            this.saveErrors(request, errors);
            return mapping.findForward(ERROR);
        } catch (org.apache.cxf.binding.soap.**SoapFault s){
            log.error(s);
            return mapping.findForward(ERROR);
        }

        /* Forward control to the specified success URI */
        if (forwardPath != null) {
            objAxFrwd = new ActionForward(forwardPath);
        } else {
            objAxFrwd = mapping.findForward(SUCCESS);
        }
        request.getSession().**setAttribute("userInfo", userInfo);
        request.getSession().**setAttribute("userName", userName);
        return objAxFrwd;

    }
}
On 6/13/2012 11:51 AM, Dave Newton wrote:


I don't see anything that puts a user info into session (or request, I
forgot where it was), so it makes sense the JSP would fail.

[OT] In the future, consider removing useless, empty comments so people
trying to help have less work to do :)

Dave

On Wed, Jun 13, 2012 at 11:43 AM, Anjib Mulepati<anji...@hotmail.com>**
wrote:

  1. Base Class

public abstract class BaseAction extends org.apache.struts.action.****
Action
{

    private static Log log = LogFactory.getLog("BaseAction"****);

    /**
     *
     * @param mapping
     * @param form
     * @param request
     * @param response
     * @return
     * @throws IOException
     * @throws ServletException
     * @throws BusinessDelegateException
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException,
BusinessDelegateException
{

        if (!this.userIsLoggedIn(request)****) {
            ActionErrors errors = new ActionErrors();
            errors.add("error", new ActionMessage("error.**
userNotLoggedIn"));
            this.saveErrors(request, errors);
            String url = request.getServletPath() + "?" +
request.getQueryString();
            request.getSession().****setAttribute("forwardPath", url);
            return mapping.findForward("****sessionEnded");
        }
        return executeAction(mapping, form, request, response);
    }

    /**
     *
     * @param mapping
     * @param form
     * @param request
     * @param response
     * @return
     * @throws IOException
     * @throws ServletException
     */
    protected abstract ActionForward executeAction(ActionMapping mapping,
            ActionForm form, HttpServletRequest request,
            HttpServletResponse response)
            throws IOException, ServletException;

    private boolean userIsLoggedIn(****HttpServletRequest request) {
        UserInfo userInfo = (UserInfo) request.getSession().**
getAttribute("userInfo");
        String userName = null;
        try{
            userName = userInfo.getUserName();
        } catch (NullPointerException ex) {
            log.error("User hasn't logged in yet.");
            return false;
        }

        if ( userName == null) {
            return false;
        }
        return true;
    }
}

2. Action class
public class ChangePasswordAction extends BaseAction {

    private static Log log = LogFactory.getLog("****
ChangePasswordAction");

    private static final String SUCCESS = "success";

    private static final String FAILURE = "failure";

    @Override
    public ActionForward executeAction(ActionMapping mapping, ActionForm
form,
            HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {

        ActionErrors errors = new ActionErrors();
        ActionMessages messages = new ActionMessages();

        ChangePasswordForm changePwdForm = (ChangePasswordForm) form;
        String userName = changePwdForm.getUserName();
        String oldPassword = changePwdForm.getOldPwd().****trim();
        String newPassword = changePwdForm.getPassword().****trim();
        UserDelegate userDelegate = new UserDelegate(userName, null);
        boolean isPasswordChanged = userDelegate.changePassword(****
userName,
oldPassword, newPassword);

        if (isPasswordChanged) {
            messages.add("password", new ActionMessage("msg.**
changePasswordSuccess"));
            this.saveMessages(request, messages);
            log.info("Password changed successfully.");
            return mapping.findForward(SUCCESS);
        } else {
            errors.add("errors", new ActionMessage("msg.**
changePasswordError"));
            saveErrors(request, errors);
            log.error("Password can't be changed");
            return mapping.findForward(FAILURE);
        }
   }
}

3. Validation class
public class ChangePasswordForm extends ValidatorForm {

    private String userName;
    private String oldPwd;
    private String password;
    private String confirmPwd;

    /**
     *
     * @return
     */
    public String getPassword() {
        return password;
    }

    /**
     *
     * @param password
     */
    public void setPassword(String password) {
        this.password = password;
    }

    /**
     *
     * @return
     */
    public String getOldPwd() {
        return oldPwd;
    }

    /**
     *
     * @param oldPwd
     */
    public void setOldPwd(String oldPwd) {
        this.oldPwd = oldPwd;
    }

    /**
     *
     * @return
     */
    public String getConfirmPwd() {
        return confirmPwd;
    }

    /**
     *
     * @param confirmPwd
     */
    public void setConfirmPwd(String confirmPwd) {
        this.confirmPwd = confirmPwd;
    }

    /**
     *
     * @return
     */
    public String getUserName() {
        return userName;
    }

    /**
     *
     * @param userName
     */
    public void setUserName(String userName) {
        this.userName = userName;
    }

    /**
     *
     */
    public ChangePasswordForm() {
        super();

    }

    /**
     * This is the action called from the Struts framework.
     * @param mapping The ActionMapping used to select this instance.
     * @param request The HTTP Request we are processing.
     * @return set of errors.
     */
    @Override
    public ActionErrors validate(ActionMapping mapping, HttpServletRequest
request) {
        ActionErrors errors = new ActionErrors();
        if(userName.isEmpty()){
            errors.add("error", new ActionMessage("error.userName"****));
        }
        if(oldPwd.isEmpty()){
            errors.add("error", new ActionMessage("error.****
oldPassword"));
        }
        if(password.isEmpty()){
            errors.add("error", new ActionMessage("error.****
newPassword"));
        }
        if(!confirmPwd.equals(****password)){
            errors.add("error", new ActionMessage("error.**
confirmPassword"));
        }
        if(userName.equalsIgnoreCase(****password)){
            errors.add("error", new ActionMessage("error.**
sameAsUsername"));
        }
        if(oldPwd.equalsIgnoreCase(****password)){
            errors.add("error", new ActionMessage("error.****
samePassword"));
        }
        return errors;
    }

    /**
     *
     * @param mapping
     * @param request
     */
    @Override
    public void reset(ActionMapping mapping, HttpServletRequest request) {
        userName = "";
        oldPwd = "";
        password = "";
        confirmPwd = "";
    }
}

On 6/13/2012 11:10 AM, Jason Zheng wrote:

  Anjib, would you like to show us the codes in the Action

ChangePasswordAction?

On Wed, Jun 13, 2012 at 10:58 PM, Dave Newton<davelnew...@gmail.com>
  wrote:

  Then it's likely you're doing something wrong if you're forwarding to a


page before creating the info that page needs.

Dave

On Wed, Jun 13, 2012 at 10:53 AM, Anjib Mulepati<anji...@hotmail.com

  wrote:

Even though I put validation in ActionForm validate() method failure
will
take to changePasswordPage. I do have validation to check form field.


On 6/13/2012 9:17 AM, Dave Newton wrote:

  Maybe some sort of validation would be helpful.


Dave

On Wed, Jun 13, 2012 at 9:03 AM, Anjib Mulepati<anji...@hotmail.com>
  wrote:

  Hi All,

  I have question regarding handling form submission by direct URL in

Struts
1.3.8

I have a page to change password which user can access after they

  login.

URL for that page is 
http://localhost:8080/MyApp/******<http://localhost:8080/MyApp/****>


**changepassword.do<http://**localhost:8080/MyApp/******

changepassword.do<http://localhost:8080/MyApp/****changepassword.do>
  
<http://localhost:8080/MyApp/******changepassword.do<http://localhost:8080/MyApp/****changepassword.do>

<http://**localhost:8080/MyApp/****changepassword.do<http://localhost:8080/MyApp/**changepassword.do>

<http://**localhost:8080/****MyApp/**changepassword.do<


http://localhost:8080/MyApp/****changepassword.do<http://localhost:8080/MyApp/**changepassword.do>
<http://**localhost:8080/MyApp/**changepassword.do<http://localhost:8080/MyApp/changepassword.do>

I have action mapping as follow:
<action path="/changepassword" input="changePasswordPage"

  scope="request"

  name="ChangePasswordForm" type="com.anjib.actions.**


ChangePasswordAction">

<forward name="success" path="changePasswordPage" />
<forward name="failure" path="changePasswordPage"/>
</action>

I have tile definition for changePasswordPage which have page like

  header

which display welcome information after user login


<div id="welcome" class="right">

<bean:message key="label.welcome" />
<logic:notEmpty name="userInfo" property="firstName">
         ${userInfo.firstName}&nbsp;${********userInfo.lastName}

</logic:notEmpty>
<logic:empty name="userInfo" property="firstName">
            ${userInfo.userName}
</logic:empty>
</div>

Now everything works fine if we follow normal process: Login and do
actions. But if someone type URL http://localhost:8080/MyApp/**
changepassword.do<http://******localhost:8080/MyApp/****
changepassword.do<

  
http://localhost:8080/MyApp/****changepassword.do<http://localhost:8080/MyApp/**changepassword.do>

<http://**localhost:8080/MyApp/**changepassword.do<http://localhost:8080/MyApp/changepassword.do>
directly


then I don't get page and I have error in Tomcat log


Caused by: javax.servlet.jsp.********JspException: Cannot find bean:

"userInfo"

in any scope

Any help will be appreciated.

Thanks,
Anjib






------------------------------********------------------------**
--**--**
--**---------
To unsubscribe, e-mail: user-unsubscribe@struts.******apac**he.org<

  http://apache.org>

<user-unsubscribe@**struts.**a**pache.org<http://apache.org><
http://struts.**apache.org<http://struts.apache.org>><


user-unsubscribe@struts.**apac**he.org<http://apache.org><
user-unsubscribe@**struts.apache.org<user-unsubscr...@struts.apache.org>

For additional commands, e-mail: user-h...@struts.apache.org


  ------------------------------******--------------------------**
--**


--**---------

To unsubscribe, e-mail: user-unsubscribe@struts.****apac**he.org<
http://apache.org**>
<

  user-unsubscribe@struts.**apac**he.org<http://apache.org><

user-unsubscribe@**struts.apache.org<user-unsubscr...@struts.apache.org>

For additional commands, e-mail: user-h...@struts.apache.org





  ------------------------------****----------------------------**

--**---------
To unsubscribe, e-mail: 
user-unsubscribe@struts.**apac**he.org<http://apache.org>
<user-unsubscribe@**struts.apache.org<user-unsubscr...@struts.apache.org>
For additional commands, e-mail: user-h...@struts.apache.org




------------------------------**------------------------------**---------
To unsubscribe, e-mail: 
user-unsubscribe@struts.**apache.org<user-unsubscr...@struts.apache.org>

For additional commands, e-mail: user-h...@struts.apache.org







---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Reply via email to