struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve" <>
Subject RE: Accessing protected resources via a login page
Date Wed, 20 May 2009 16:00:39 GMT
Thanks to Stuart, Lukasz and Wes for your advice.

I decided to stick with a home-grown solution because I'm only interested in
GET's right now and I don't want the complexity of adding Spring into the
mix with EJB3, Struts and JPA already working well together. This is because
I haven't used Spring before.

It's all working now but Spring may have been a better option!

Stuart's code worked fine until I bought parameters into the mix.
Unfortunately getRequestURL () doesn't return the parameters and I couldn't
find any other method that did. Therefore I had to iterate through the
parameters map and rebuild the parameters part of the request URL.

This worked fine with a single parameter but failed with two or more
parameters. This turned out to be a known issue with the redirect result
when used with ${url}. In this case the returned string is not URL encoded
so the single url parameter gets split on the embedded &. I added an extra
method to the action (getEncodedURL ()) and then used ${encodedUrl}. This
worked fine as the parameters interceptor automatically decodes parameters.



-----Original Message-----
From: Stuart Ellidge [] 
Sent: 19 May 2009 16:56
To: Struts Users Mailing List
Subject: Re: Accessing protected resources via a login page

Hi Steve,

What you are asking is relatively simple really - we implemented an
interceptor to capture the current request URL and store it in the current
value stack. We can subsequently reference it in our JSPs and use it in
forms in several places to enable us to redirect to the original page after
certain events occur. Here is the intercept method:

  public String intercept(ActionInvocation invocation) throws Exception {
HttpServletRequest request = ServletActionContext.getRequest();
StringBuffer returnUrl = new StringBuffer(request.getRequestURL());
invocation.getStack().set("returnURL", returnUrl);    return
invocation.invoke();  }

In your example, you would add setUrl and getUrl methods to the login action
class and then use the ${returnURL} in your JSP to create the request
parameter / hidden input.

Also, don't forget about the ability to use OGNL within your results... so
your result could be of type "redirect" sending to a location of ${url}
(that being the parameter name in your example below, and resolving to


p.s. the reason for using the interceptor, rather than just accessing the
request URL directly in the JSP is that by the time the JSP is rendered,
that URL points to the JSP itself, rather than the action.

On 19/05/2009 16:44, "Steve" <> wrote:

I would rather avoid using Acegi as I'm not using Spring. I'm using Struts 2
and EJB3.

I appreciate the Acegi can be used without Spring. But it still seems like
overkill to solve this one issue.

I was hoping to generate a call to login.action like
".../login.action?url=<complete request string>". I guess storing the
request string in the session would work just as well. Do you know the
easiest way to access the request string from an interceptor or action?

Many Thanks,


-----Original Message-----
From: Lukasz Lenart []
Sent: 19 May 2009 15:26
To: Struts Users Mailing List
Subject: Re: Accessing protected resources via a login page

2009/5/19 Steve <>:
> Can anyone advise on the best way to do this?

Use Acegi, it has such functionality built-in or store request path in
session when redirecting to login page and after successful login,
read it from session and redirect to it. It should be achievable with
the same interceptor you created.


To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message