struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank Nestel <dorisnfr...@bigfoot.com>
Subject Proposed feature: AdminAction
Date Sun, 02 Jul 2000 22:52:04 GMT
This is the last one for tonight.

I still hate, I have to stop my web server in order to make 
changes to the action.xml work. What I tried and what worked
at least a bit was a class AdminAction which has the following
perform method.

   public ActionForward perform(ActionServlet servlet,
			ActionMapping mapping,
			ActionForm form,
			HttpServletRequest request,
			HttpServletResponse response)
        throws ServletException
    { 
        servlet.log("admin="+request.getParameter("admin"));
        if ( "reset".equals(request.getParameter("admin")) )
        {
            servlet.log("*** reinit");
            //servlet.initMapping();
            servlet.init();
        }
        return mapping.findForward("page");
    }

This is very, very crude for various reasons:

 * One might want to trigger the initInternal, initDebug,
initApplication,
   initMapping, initOther separately.
 * The Action gives no meaningfull return page about what actually
happened.
 * I'm not sure if it is legal to call a running servlets init() again
one
   surely had to inspect thread safety or synchronization things.
 * It would be nice to have kind of an Administrative Page with buttons 
   and stuff to allow various options. Maybe also showing infos about
   the loaded action.xml, error log data etc. etc.
 * A security concept is needed, who is allowed to access this special 
   Action. I thought of things like extra password parameters in the 
   action.xml and/or lists/patterns of URLs/IPs which are allowed to
access
   that Action (also in the action.xml). Since we wouldn't wan't to have
our
   struts application to suffer from a "permanent reinitialization
attack".
   I could imaging a criterion like a simple password and the
restriction to
   a IP from a companies intranet would be safe enough for some
applications.
   In high security cases one just shouldn't use that Action ...

Anyway it worked in my low traffic, single server, Resin(c) test
environment, 
and was therefor allready useful for me. 

Btw. Before writing that action, I considered writing a special servlet
for the
same purpose or overloading the ActionBase class by s.th. which reacts
on
certain parameter constellations.

The combination of an AdminAction with my earlier suggestion of a
linkAction 
tag would allow some changes on life systems without stopping the server
and without annoying customers, since I could replace one logical
structure on the 
fly by another (as long as business logic does not change to much).

Frank

-- 
---------------------------------ooO---"---Ooo--------------
Spiele von Doris und Frank, Dr. Frank Sven Nestel,
Wolfsstaudenring 32, D-91056 Erlangen-Kriegenbrunn, GERMANY. 
dorisnfrank@bigfoot.com                 "I hate this game,
http://www.bigfoot.com/~dorisnfrank      lets play it again"
SOON moving to: http://doris-frank.de
AND ALSO on   : http://duf.damud.com


Mime
View raw message