Re: login and session

Tue, 16 Oct 2007 23:25:28 -0700 

Hi,

You should use interceptors provided by struts 2 for authenticating the
user. The interceptor provide you with easy coding according to AOP.
You can take a look at the sample application accompanying with struts2
distribution, that is mailreader.

Tuyen Dinh

On 10/16/07, Lizzy Borden <[EMAIL PROTECTED]> wrote:
>
>
> Hello,
>
> I am starting to learn struts2 and I need some help.
> I have done a login form, if the loginAction returns SUCCESS I forward to
> a
> index.jsp, if it returns ERROR I forward to login.jsp page again.
>
> When the authentication is good I create a Session var called logged-in
> and
> I set it to true:
>
>         Map session = ActionContext.getContext().getSession();
>         session.put("logged-in","true");
>
> There is another action, the logoutAction, that remove the Session var.
> Then I have done a loginCheck.jsp file I include in the index.jsp in order
> to avoid unauthorized accesses.
> The loginCheck,jsp file looks like this:
>
>
> <%@ taglib prefix="s" uri="/struts-tags" %>
> <%@ page language="java" contentType="text/html" import="java.util.*"%>
> <html>
>     <head>
>         <title>Check validate!</title>
>     </head>
>   <body>
>          <%
>          try{
>
> response.getWriter
> ().println("DEBUG:"+request.getSession().getAttribute("logged-in"));
>             if
> (request.getSession().getAttribute("logged-in").equals("true")){
>             // do nothing!
>             }else{
>
> response.sendRedirect(request.getContextPath()+"/auth/login.jsp");
>                 }
>
>             }catch(Exception e){
>                 //e.printStackTrace();
>                 response.getWriter().println("exception!");
>
> response.sendRedirect(request.getContextPath()+"/auth/login.jsp");
>             }
>
>     %>
>
>     </body>
> </html>
>
> So, if the logged-in is setted to true, it's ok. Since the logged-in is
> removed if I try to access the Session it generates an exception so, if
> the
> exception happens I redirect to login.jsp page, but this redirect dosen't
> work. why? How can I did wrong?
> Can I also replace this code with the
> <s:if test="#session.logged-in !='true' "> redirect else do nothing...but
> it
> doesn't work too.
>
> So the questions are:
>
> 1- why my redirection in the catch segment does not work? how can I handle
> it?
> 2- writing the jsp code instead of struts tag is correct? Have I to use
> the
> <s:if ..> tags ??
>
> thanks
> lizzie
> --
> View this message in context:
> http://www.nabble.com/login-and-session-tf4634204.html#a13233578
> Sent from the Struts - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Reply via email to