I don't think problem is mapping correct page from Action class. If you
look into my initial code posting /changepassword need form validation
so it calls the validate() method and since there is no data it fails. I
have input="changePasswordPage" which takes to the tile where it look
for the session variable.
My problem I don't a mechanism where if some one POST the empty data
validation fail must lead to not login message or invalid access
message. How can I make such distinction from normal form submission?
Thanks,
Anjib
On 6/13/2012 7:00 PM, Takanori Hayashi wrote:
Hello Anjib,
[Error message]
Caused by: javax.servlet.jsp.JspException: Cannot find bean:
"userInfo" in any scope
[Cause]
If someone type direct URL http://localhost:8080/MyApp/changepassword.do,
no userInfo in the session.
Then userIsLoggedIn method returns false,
return mapping.findForward("sessionEnded");
On this case, would the same JSP, changePasswordPage be called or
some JSP using userInfo session information?
a JSP, changePasswordPage.
<logic:empty name="userInfo" property="firstName">
${userInfo.userName}
</logic:empty>
[Measure idea #1]
On BaseAction
Changed from:return mapping.findForward("sessionEnded");
to: some JSP page without userInfo session
information.
[Measure idea #2]
On BaseAction
Changed from:
if (!this.userIsLoggedIn(request)) {
ActionErrors errors = new ActionErrors();
errors.add("error", new
ActionMessage("error.userNotLoggedIn"));
this.saveErrors(request, errors);
String url = request.getServletPath() + "?" +
request.getQueryString();
request.getSession().setAttribute("forwardPath", url);
return mapping.findForward("sessionEnded");
}
to:
if (!this.userIsLoggedIn(request)) {
ActionErrors errors = new ActionErrors();
errors.add("error", new
ActionMessage("error.userNotLoggedIn"));
this.saveErrors(request, errors);
String url = request.getServletPath() + "?" +
request.getQueryString();
request.getSession().setAttribute("forwardPath", url);
// ADD
request.getSession().setAttribute("userInfo", SOMETHING
TEMPORARY INFORMATION);
return mapping.findForward("sessionEnded");
}
Best regards,
Takanori Hayashi
(2012/06/14 3:07), Anjib Mulepati wrote:
I am looking for such prevention measure. Right now for most action I
have Base action where it check whether user has logged in or not.
On 6/13/2012 1:21 PM, Dave Newton wrote:
On Wednesday, June 13, 2012, Anjib Mulepati<anji...@hotmail.com>
wrote:
Where and how I do that?
In Struts 1.2 you'd use a custom request processor (or just a
filter). Not
sure about 1.3.
How are you preventing access to protected pages now?
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
