struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Beal <>
Subject Re: Logon/Logoff Design Question
Date Wed, 03 Nov 2004 16:54:26 GMT
Here's what you'll need to do:

1) In your SecureAction class, prior to returning the "login" forward 
you need to store the information relevant to the current request in the 
session.  Note that the word 'relevant' is somewhat subjective, but 
probably includes the exact request URI and the full set of request 
parameters.  How you store it is also up to you.  If  you're using the 
GET method on all of your pages, you can just store the whole thing as a 
String.  (e.g. myapp/

2) After a successful login, pull that information out of the session 
and continue processing.  If you stored a single String in your session 
as I described in step 1, probably your easiest bet is to create a new 
ActionForward instance, set redirect to true, and put the String you 
stored in the path attribute.

There are probably quite a few variations on how you can implement this, 
  but this should get you started.

-- Jeff

Tim Carr wrote:
> Hello all,
> As a Struts n00b I'm trying to make a modification to an
> already-existing Struts application.  Currently there are some Actions
> that anyone who uses the application is supposed to be able to execute,
> these Actions simply extend Action and override the execute method (as
> you'd expect). Then, there are some actions that require the user to be
> "logged on" in order for the Actions to occur. This is currently
> accomplished by having an abstract class SecureAction which extends
> Action, and overrides the execute method:
> public final ActionForward execute (ActionMapping mapping, ActionForm
> form, HttpServletRequest request, HttpServletResponse response)
> {
>         if (request.getSession().getAttribute("username") == null)
>         {
>             return mapping.findForward("login");
>         }
>         return run(mapping, form, request, response);
> }
> public abstract ActionForward run (ActionMapping mapping,
>                                        ActionForm form,
>                                        HttpServletRequest request,
>                                        HttpServletResponse response);
> As you can see, if an Action that extends SecureAction (which I'll refer
> to as a secure action) gets forwarded-to, it'll forward to the login
> screen. 
> The modification? Under the current design after you've logged in,
> there's no way to continue on with the original secure action; so, if
> you wade through a whole bunch of navigation to get an Action started up
> (and have forgotten to logon beforehand), you get redirected to the
> logon page, logon, and then have to repeat all of the navigation!  I
> wish to make it so that the login page can somehow just continue the
> original action if the user logs in successfully.
> Is there any way to do this under the current design of having my
> actions extend SecureAction, or will this require changing this design?
> Thanks!
> Tim

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message