stackoom
  简体   繁体   中英

Struts2 login interceptor is not working

 原文  2013-12-08 23:46:12       java/ jsp/ authentication/ struts2/ interceptor

Question

I am not able to stop user accessing a page say welcome.jsp when he is not in session, please help me in implementing login interceptor. here is my code. All I want to do is when user logs in with his user id, check wether he is in session, if he is in session, let him access any resouce else, redirect user to "somePage". TIA 

<?xml version="1.0" encoding="UTF-8" ?>


<constant name="struts.convention.default.parent.package"
    value="default" />
<constant name="struts.enable.DynamicMethodInvocation" value="false" />
<constant name="struts.custom.i18n.resources" value="global" />
<constant name="struts.objectFactory"
    value="org.apache.struts2.spring.StrutsSpringObjectFactory" />
<constant name="struts.i18n.reload" value="false" />
<constant name="struts.configuration.xml.reload" value="false" />

<package name="default" namespace="/default" extends="json-default,struts-default">

    <interceptors>
        <interceptor name="authentication"
            class="com.mycompany.abc.webapp.action.AuthenticationInterceptor" />
        <interceptor-stack name="authStack">
            <interceptor-ref name="authentication"></interceptor-ref>
            <interceptor-ref name="defaultStack"></interceptor-ref>
        </interceptor-stack>

            /> -->
        <interceptor-stack name="acc-stack">
            <!-- <interceptor-ref name="sessionCheck" /> -->

            <interceptor-ref name="json">
                <param name="enableSMD">true</param>
            </interceptor-ref>
            <interceptor-ref name="exception" />
            <interceptor-ref name="alias" />
            <interceptor-ref name="servletConfig" />
            <interceptor-ref name="i18n" />
            <interceptor-ref name="prepare" />
            <interceptor-ref name="chain" />
            <interceptor-ref name="debugging" />
            <interceptor-ref name="scopedModelDriven" />
            <interceptor-ref name="modelDriven" />
            <interceptor-ref name="fileUpload" />
            <interceptor-ref name="checkbox" />
            <interceptor-ref name="multiselect" />
            <interceptor-ref name="staticParams" />
            <interceptor-ref name="actionMappingParams" />
            <interceptor-ref name="params">
                <param name="excludeParams">dojo\..*,^struts\..*</param>
            </interceptor-ref>
            <interceptor-ref name="conversionError" />
            <interceptor-ref name="workflow">
                <param name="excludeMethods">input,back,cancel,browse</param>
            </interceptor-ref>
            <interceptor-ref name="timer" />
        </interceptor-stack>
    </interceptors>

    <default-interceptor-ref name="authStack"></default-interceptor-ref>

        <global-results>
         <result name="login" type="redirect">/home.action</result>
        </global-results>
    <action name="home">
        <interceptor-ref name="defaultStack"></interceptor-ref>
        <result name="somePage">/jsp/somePage.jsp</result>
         <result name="success">/jsp/xyz.jsp</result>
          <result name="homePage">/jsp/homePage.jsp</result>
    </action>
 <!-- <action class="com.mycompany.abc.webapp.action.LoginAction" name="login">
        <interceptor-ref name="defaultStack"></interceptor-ref>
        <result name="success">/jsp/welcome.jsp</result>
        <result name="somePage">/jsp/somePage.jsp</result>
    </action>

    <action name="welcome" class="com.mycompany.abc.webapp.action.WelcomeAction">
    <interceptor-ref name="defaultStack"></interceptor-ref>
        <result name="success">/jsp/welcome.jsp</result>
    </action> -->

</package>

LoginAction: 

@InterceptorRef(value = "defaultStack")
@ParentPackage("struts-default")

@Results({ @Result(name = "success", location = "/jsp/xyz.jsp"),
        @Result(name = "error", location = "/jsp/error.jsp"),
        @Result(name = "noAccess", location = "/jsp/abc.jsp"),
        @Result(name = "somePage", location = "/jsp/somePage.jsp"),
        @Result(name = "input", location = "/jsp/login.jsp"), })
public class LoginAction extends ActionSupport implements SessionAware,
        ModelDriven<MySession> {
private static final long serialVersionUID = -3369875299120377549L;
private String userId;
private String result = null;
@Autowired
CompService CompService;

MySession MySession = new MySession();
@Autowired
MyServices MyServices;

private Map<String, Object> sessionAttributes = null;
/*private User user = new User();*/

@Override
public String execute() {
    System.out.println("inside execute");
    System.out.println("userid************" + this.userid);
    if (this.userid != null) {

        HttpSession session = ServletActionContext.getRequest()
        .getSession();
        useridProfile profile = MyServices.getuseridProfile(this.userid);
        if (profile != null) {
            //here i am getting  a collection say my Coll
            if (myColl.isEmpty()) {
                result = "noAcess";
            }
            else{
                sessionAttributes.put("userId", userId);
                result = "success";
            }

        }

        return result;
    } else if (sessionAttributes.get("userid") == null) {

        System.out.println("Not logged in");
        System.out.println("userid************" + this.userid);
        result = "somePage";
    } 
    return result;
}

@Override
public void setSession(Map<String, Object> sessionAttributes) {
    this.sessionAttributes = sessionAttributes;
}

public String getuserId() {
    return userid;
}

public void setuserId(String userid) {
    this.userid = userid;
}

@Override
public MySession getModel() {
    // TODO Auto-generated method stub
    return MySession;
}

}

AuthenticationInterceptor 

public class AuthenticationInterceptor implements Interceptor{

    private static final long serialVersionUID = -5011962009065225959L;

     String result=null;
@Override
public void destroy() {
    //release resources here
}

@Override
public void init() {
    // create resources here
}

@Override
public String intercept(ActionInvocation actionInvocation)
        throws Exception {

    ActionContext sessionAttributes = actionInvocation.getInvocationContext();
    System.out.println("inside auth interceptor");
    Object sess = sessionAttributes.get("userid");

    System.out.println("inside auth interceptor"+sess);
   // User user = (User) sessionAttributes.get("USER");

    if(sess == null){

        if(sessionAttributes.get("userId") != null){
             result = actionInvocation.invoke();


    }
        return result;
    }
        else{

        return actionInvocation.invoke();

    }


}
}

login jsp 

    <%@ page language="java" contentType="text/html; charset=US-ASCII"
    pageEncoding="US-ASCII"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%-- Using Struts2 Tags in JSP --%>
<%@ taglib uri="/struts-tags" prefix="s"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title>Login Page</title>
</head>
<body>
<h3>Welcome User, please login below</h3>
<s:form action="login">
    <s:textfield name="userId" label="userId"></s:textfield>
    <s:submit value="Login"></s:submit>
</s:form>
</body>
</html>

2 answers

solution1
 1  2013-12-09 11:06:46

You are not using the authStack you defined in the action: 

 <action name="welcome" class="com.mycompany.abc.webapp.action.WelcomeAction">
<interceptor-ref name="authStack"></interceptor-ref>
    <result name="success">/jsp/welcome.jsp</result>
</action>

If you're using annotations, then the WelcomeAction should have @InterceptorRef(value = "authStack").

Also note that this line of code is not needed (you're not using session): 

HttpSession session = ServletActionContext.getRequest().getSession();

Finally (and most importantly), your interceptor is wrong. The following line returns the ActionContext, not the session: 

ActionContext sessionAttributes = actionInvocation.getInvocationContext();

If you want to return the session, try: 

Map<String, Object> session = ActionContext.getContext().getSession();

solution2
 0  2013-12-10 13:04:31

Your interceptor code is complete nonsense. 

public String intercept(ActionInvocation actionInvocation) throws Exception {
    ActionContext sessionAttributes = actionInvocation.getInvocationContext();

    Object sess = sessionAttributes.get("userid");
    if (sess == null) {
        if (sessionAttributes.get("userId") != null) {
            result = actionInvocation.invoke();
        }
        return result;
    }

    return actionInvocation.invoke();
}
  1. Get "userid"
  2. If it's null...
  3. ...check to see if it's not null, and...
  4. ...if it isn't, invoke and return the action's result.
  5. If it isn't... 1....invoke and return the action's result.

And that assumes you're actually looking at the session, which you're not .

What you meant to do, roughly, from memory: 

public String intercept(ActionInvocation actionInvocation) throws Exception {
    Map<String, Object> session = actionInvocation.getInvocationContext().getSession();
    return session.containsKey(SESSION_USER_KEY) ? actionInvocation.invoke() 
                                                 : GLOBAL_RESULT_LOGIN;
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Struts2 custom login interceptor Unable to determine whether the interceptor is working or not in Struts2 TokenSession interceptor in Struts2 struts2 interceptor stack Problems with struts2 interceptor Struts2 localize interceptor paramsPrepareParamsStack interceptor in struts2? Execute and Wait Interceptor in struts2 struts2 check permission interceptor Struts2 interceptor session get null value when authenticate login page
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM