Hi,
You should use interceptors provided by struts 2 for authenticating the
user. The interceptor provide you with easy coding according to AOP.
You can take a look at the sample application accompanying with struts2
distribution, that is mailreader.
Tuyen Dinh
On 10/16/07, Lizzy Borden <[EMAIL PROTECTED]> wrote:
>
>
> Hello,
>
> I am starting to learn struts2 and I need some help.
> I have done a login form, if the loginAction returns SUCCESS I forward to
> a
> index.jsp, if it returns ERROR I forward to login.jsp page again.
>
> When the authentication is good I create a Session var called logged-in
> and
> I set it to true:
>
> Map session = ActionContext.getContext().getSession();
> session.put("logged-in","true");
>
> There is another action, the logoutAction, that remove the Session var.
> Then I have done a loginCheck.jsp file I include in the index.jsp in order
> to avoid unauthorized accesses.
> The loginCheck,jsp file looks like this:
>
>
> <%@ taglib prefix="s" uri="/struts-tags" %>
> <%@ page language="java" contentType="text/html" import="java.util.*"%>
> <html>
> <head>
> <title>Check validate!</title>
> </head>
> <body>
> <%
> try{
>
> response.getWriter
> ().println("DEBUG:"+request.getSession().getAttribute("logged-in"));
> if
> (request.getSession().getAttribute("logged-in").equals("true")){
> // do nothing!
> }else{
>
> response.sendRedirect(request.getContextPath()+"/auth/login.jsp");
> }
>
> }catch(Exception e){
> //e.printStackTrace();
> response.getWriter().println("exception!");
>
> response.sendRedirect(request.getContextPath()+"/auth/login.jsp");
> }
>
> %>
>
> </body>
> </html>
>
> So, if the logged-in is setted to true, it's ok. Since the logged-in is
> removed if I try to access the Session it generates an exception so, if
> the
> exception happens I redirect to login.jsp page, but this redirect dosen't
> work. why? How can I did wrong?
> Can I also replace this code with the
> <s:if test="#session.logged-in !='true' "> redirect else do nothing...but
> it
> doesn't work too.
>
> So the questions are:
>
> 1- why my redirection in the catch segment does not work? how can I handle
> it?
> 2- writing the jsp code instead of struts tag is correct? Have I to use
> the
> <s:if ..> tags ??
>
> thanks
> lizzie
> --
> View this message in context:
> http://www.nabble.com/login-and-session-tf4634204.html#a13233578
> Sent from the Struts - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
