struts 2 dispatcher and tomcat 6 security

Question

i'm trying to get struts2 to work with a tomcat 6 authentication application. my app works fine when the user is logged in. but i can't use struts tags to work in my jsp if the user isn t logged in or the user is denied (403)

is there a way to get tomcat allow acces to the struts dispatcher without being logged?

error logged:

GRAVE:The Struts dispatcher cannot be found.  This is usually caused by using Struts tags without the associated filter. Struts tags are only usable when the request has passed through its servlet filter, which initializes the Struts dispatcher needed for this tag. - [unknown location]
at org.apache.struts2.views.jsp.TagUtils.getStack(TagUtils.java:58)
at org.apache.struts2.views.jsp.StrutsBodyTagSupport.getStack(StrutsBodyTagSupport.java:44)
at org.apache.struts2.views.jsp.ComponentTagSupport.doStartTag(ComponentTagSupport.java:48)
at org.apache.jsp.acces_002drefuse_jsp._jspx_meth_s_005fa_005f0(acces_002drefuse_jsp.java:183)
at org.apache.jsp.acces_002drefuse_jsp._jspService(acces_002drefuse_jsp.java:85)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:388)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:438)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:421)
at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:342)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Unknown Source)

web.xml

<web-app>
<filter>
    <filter-name>struts2</filter-name>
    <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>

<filter-mapping>
    <filter-name>struts2</filter-name>
    <url-pattern>*.action</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>INCLUDE</dispatcher>
</filter-mapping>

<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>

<error-page>
    <error-code>403</error-code>
    <location>/acces-refuse.jsp</location>
</error-page>

<security-constraint>
    <display-name>Autorized only</display-name>
    <web-resource-collection>
        <web-resource-name>protected</web-resource-name>
        <url-pattern>/mypages.action</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<security-constraint>
    <display-name>public</display-name>
    <web-resource-collection>
        <web-resource-name>public</web-resource-name>
            <url-pattern>/acces-refuse.jsp</url-pattern>
    </web-resource-collection>
</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>Tomcat Server Configuration Form-Based Authentication Area</realm-name>
    <form-login-config>
        <form-login-page>/login.jsp</form-login-page>
        <form-error-page>/login-fail.jsp</form-error-page>
    </form-login-config>
</login-config>
</web-app>

acces-refuse.jsp

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<%@taglib uri="/struts-tags" prefix="s" %>
<html>
<s:a action="login">logout</s:a>
</html>

Thanks for help

Answer 1

thank you for your useful replies

i redirected to an action from my error jsp page onload and i can use the struts-tags

thanks !

acces-refuse.jsp

 <html>
  <head>
  <META HTTP-EQUIV="Refresh" CONTENT="1;URL=acces-refuse.action">
 </html>

struts.xml

<action name="acces-refuse" class="className">
        <result name="success">/acces-refuse-action.jsp</result>
</action>

this code is a bit spaghetti code but works

struts 2 dispatcher and tomcat 6 security

Question

1 answers

solution1
1 ACCPTED 2015-05-19 12:35:45

struts 2 dispatcher and tomcat 6 security

Question

1 answers

solution1 1 ACCPTED 2015-05-19 12:35:45

solution1
1 ACCPTED 2015-05-19 12:35:45