----- Original Message -----
From: "Jason Lea" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
Sent: Monday, August 30, 2004 6:07 PM
Subject: Re: SecurityFilter Question?
> >
> >Can't u do this using an Action? Say, accessing /admin/LogAction.do
> >invokes SecurityFilter, after authentication by SecurityFilter is passed,
> >go directly to LogAction as below
> >
> >
>
> The problem comes if the user bookmarks a url like /user/abc.do, starts
> up their browser and goes directly to the protected URL. The security
> filter will take them to the login form, they submit username/password
> and seucirty filter authenticates them. Once they are authenticated
> they are redirected back to /users/abc.do - they don't pass through
> LogAction at all. So I normally have a filter that makes sure the bean
> is in session from where ever they are called.
>
> You don't have to use a filter though, you could make a base action that
> does puts the bean into session and have all your actions sub-class that
> one.
Using action to put bean in Session after SecurityFilter, how is that
possible when after authentication by SecurityFilter, u taken right
back to /user/abc.do where u 1st request it and doesn't pass
through to action attribute as specified in action-mapping of
struts-config.xml?
I have tried to use action, after authentication, I am indeed taken
back to the page /admin/logon.do or /user/logon.do and got
error message in browser:
HTTP Status 400 - Invalid path /admin/Logon was requested
message Invalid path /admin/Logon was requested
description The request sent by the client was syntactically incorrect
(Invalid path /admin/Logon was requested).
-------------
My action mapping is struts-conf.xml
Both
<action
path="/admin/Logon.do"
type="org.apache.struts.actions.ForwardAction"
parameter="LogAction.do?action=logon"/>
<action
path="/user/Logon.do"
type="org.apache.struts.actions.ForwardAction"
parameter="LogAction.do?action=logon"/>
<!--
My LogAction extends DispatchAction and will try
to put User bean in session. -->
or
<action
path="/admin/Logon.do"
type="org.apache.struts.actions.ForwardAction"
parameter="Welcome.do"/>
<action
path="/user/Logon.do"
type="org.apache.struts.actions.ForwardAction"
parameter="Welcome.do"/>
won't work.
-----------------------
BTW, how wud u use html:form to display
login fields?
I can't get struts tag to work with login fields
except for using things like:
<form action="j_security_check" method="POST">
Username: <input type="text" name="j_username"><p>
Password: <input type="password" name="j_password"><p>
<input type="Submit">
</form>
------------------
Ok, using filter (as u said) after SecurityFilter wud solve this simply but
I like to stick with pure Struts approach if possible.
Thanks
> Jason Lea
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
