struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alberto A. Flores" <aaflo...@gmail.com>
Subject Re: This is odd, sometimes my requests 'miss' the Struts2 filter
Date Thu, 10 Jul 2008 12:59:24 GMT
As far as I know, the servlet spec 2.3 didn't comment much on what to do 
on forwards (whether to make forwarded resources pass through the 
filters as well or not). Tomcat 4.x assumed you didn't have to, whereas 
other containers (e.g. weblogic 8) passed them through. This was fix in 
servlet spec 2.4 (Tomcat 5.x) where additional configuration can be made 
for these cases (the default is only request, but now you have control 
over forwards, includes, errors, etc).

Depending on what your JSP is trying to do (target url), you security 
would need to address those destinations as well. Also, consider 
checking WW-2025 (Struts2 JIRA) as the fix above seems to break in IE7 
(not sure why either, but I know that IE handles HTTP 1.1 in a weird 
way, so I'm not surprised).

Also, have you declared a security-role, disabled caching on your JSP, 
etc, etc, while testing this problem. It is also possible that you 
properly authenticated once and the session never got invalidated and 
you were always running on a valid session (cookie based).

Lyallex wrote:
> Hello
> 
> Tomcat version  5.5.26
> Struts2 version 2.0.11.1
> 
> I'm trying to understand why, given the following in web.xml requests
> sometimes 'miss out' the Struts2 filter
> 
> <filter>
>   <filter-name>struts2</filter-name>
>   <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
> </filter>
> 
> <filter-mapping>
>   <filter-name>struts2</filter-name>
>   <url-pattern>/*</url-pattern>
> </filter-mapping>
> 
> 
> It appears to really only be an issue with web.xml declarative security
> 
> Reading around the various archives it appears that this is a know issue
> when trying to use Struts2 Actions as the target but I'm not trying to do that
> I just use a standard jsp.
> 
> <odd>
> 
> The really odd thing is that the login process works perfectly
> sometimes and sometimes it fails with the (apparently well known) message
> 
> The Struts dispatcher cannot be found.
> This is usually caused by using Struts tags without the associated filter ...
> 
> </odd>
> 
> Here's the login config
> 
> <login-config>
>   <auth-method>FORM</auth-method>
>   <realm-name>Form based authentication</realm-name>
>   <form-login-config>
> <form-login-page>/login.jsp</form-login-page>
> <form-error-page>/login.jsp</form-error-page>
>   </form-login-config>
> </login-config>
> 
> Someone, somwhere on my journey through the archives suggested this fix.
> 
> <filter-mapping>
>   <filter-name>struts2</filter-name>
>   <url-pattern>/*</url-pattern>
>   <dispatcher>REQUEST</dispatcher>
>   <dispatcher>FORWARD</dispatcher>
> </filter-mapping>
> 
> It does appear to solve the problem I was just wondering why ?
> 
> Is there a definitive resolution to this problem out there somewhere ?
> 
> TIA
> 
> lyallex
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
> 
> 

-- 

Alberto A. Flores
http://www.linkedin.com/in/aflores



Mime
View raw message