Re: Re: Catch all method for actions?

Wed, 12 May 2010 07:27:16 -0700

I use something similar for account activation using wildcards to match random validation codes appended to an action name. My URLs look like: 
https://server.com/verify_5RXQY-J9GHS

struts.xml:

    <package name="verify" namespace="/verify" extends="struts-default">
        <result-types>
<result-type name="tiles" class="org.apache.struts2.views.tiles.TilesResult" default="true"/> 
    </package>



Verify.java:

package com.x.action;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.convention.annotation.Action;
import org.apache.struts2.convention.annotation.ParentPackage;
import org.apache.struts2.convention.annotation.Result;
import org.apache.struts2.interceptor.ServletRequestAware;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;

@ParentPackage("verify")
@Action
(
    value="verify_*",
    results=
    {
        @Result(name="success", type="tiles", location="verifyPage")
    }
)
public class Verify extends ActionSupport implements ServletRequestAware
{
    private static final long serialVersionUID = 1L;

    private HttpServletRequest request;

    private String validationCode;

    public String execute() throws Exception
    {
        String originalUrl = this.request.getRequestURL().toString();
        System.out.println("Verify.execute(" + originalUrl + ")");

        if (originalUrl.lastIndexOf("verify_") != -1)
        {
this.validationCode = originalUrl.substring(originalUrl.lastIndexOf("verify_") + "verify_".length()); 
        } else {
            this.validationCode = "";
        }

        // Do something.
        System.out.println("validation code: " + this.validationCode);

        return SUCCESS;
    }

    @Override
    public void setServletRequest(HttpServletRequest request)
    {
        this.request = request;
    }

    /**
     * Accessor for the validation code property.
     *
     * @return The validation code.
     */
    public String getValidationCode()
    {
        return this.validationCode;
    }

    /**
     * Mutator for the validation code property.
     *
     * This is a property that should be populated by action chaining.
     *
     * @param validationCode The validation code.
     */
    public void setValidationCode(String validationCode)
    {
        this.validationCode = validationCode;
    }
}


Mitch Claborn wrote:
That catches unknown actions, but what I want to catch is a known action but an unknown method on that action. 

Mitch



Greg Lindholm wrote:

You can add a default action to catch any random hits

    <default-action-ref name="Unknown" />

    <action name="Unknown" class="xxx.struts.UnknownAction">
      <interceptor-ref name="unknownActionStack" />
      <result>Error.jsp</result>
    </action>
On Tue, May 11, 2010 at 11:34 AM, Mitch Claborn <mi...@claborn.net> wrote: 
A security scan on our site is sending a request like

/emailalink!"Xx<XaXaXXaXaX>xX.html

which produces an exception
com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor
com.csc.mm.web.action.EmailLink."Xx<XaXaXXaXaX>xX()
java.lang.NoSuchMethodException:
com.csc.mm.web.action.EmailLink."Xx<XaXaXXaXaX>xX()
       at java.lang.Class.getMethod(Unknown Source)
       at
org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.getActionMethod(AnnotationValidationInterceptor.java:75) 
       at
org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:47) 
       at
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87) 
       at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237) 
       at
com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.intercept(ConversionErrorInterceptor.java:122) 
       at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237) 
       at
com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:195) 
etc
I'd like to be able to somehow capture those requests into a catch-all or default method on the action so that I can do something intelligent, rather 
than just allowing an error page to show up.  Is there a way to do this?



Mitch


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org




</div>


--
Chuck Parker - chuck.t.par...@namesforlife.com
Software Developer - NamesforLife, LLC
mobile: 228-342-9346

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Reply via email to