can not login when using Interceptor in struts2

StackOverflow https://stackoverflow.com/questions/13128265

  •  15-07-2021
  •  | 
  •  

Domanda

I have a small application to learn Struts2 Application

I write a admin page and inside that , my code will check if user logged or not, if not it will redirect to login page.

I write interceptor to check for all pages that user try to access but not login, it will redirect this user to login page. Everything is work well, but when i enter username and password correct with database, it can not login, when i remove interceptor i can be logged into admin page

Cause maybe interceptor check session of user before and after login, but maybe some cases i dont know why my application, session get null althought my username and password is true but it till null when i set session.

My code bellow will show you what i said:

Login Action 

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package org.dejavu.software.view;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
import java.util.Map;
import org.apache.struts2.interceptor.SessionAware;
import org.dejavu.software.dao.UserDAO;
import org.dejavu.software.model.GroupMember;
import org.dejavu.software.model.User;

/**
 *
 * @author Administrator
 */
public class AdminLoginAction extends ActionSupport {

    private static final long serialVersionUID = -1457633455929689099L;
    private User user;
    private String username, password;
    private String role;
    private UserDAO userDAO;
    private GroupMember group;    

    public AdminLoginAction() {
        userDAO = new UserDAO();

    }

    @Override
    public String execute() {
        String result = null;
        System.out.println(getUsername());
        if (getUsername().length() != 0 && getPassword().length() != 0) {
            setUser(userDAO.checkUsernamePassword(getUsername(), getPassword()));            
            if (getUser() != null) {
                for (GroupMember g : getUser().getGroups()) {
                    boolean admincp = g.getAdminpermission().contains("1");
                    if (admincp == true) {
                        Map session = ActionContext.getContext().getSession();  
                        session.put("userLogged", getUsername());
                        session.put("passwordLogged", getPassword());
                        result = "success";
                    } else {
                        result = "error";
                    }
                }

            }
        }        
        return result;
    }

    @Override
    public void validate() {
        if (getUsername().length() == 0) {
            addFieldError("username", "Username is required");
        }
        if (getPassword().length() == 0) {
            addFieldError("password", getText("Password is required"));
        }

    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getRole() {
        return role;
    }

    public void setRole(String role) {
        this.role = role;
    }

    public User getUser() {
        return user;
    }

    public void setUser(User user) {
        this.user = user;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public GroupMember getGroup() {
        return group;
    }

    public void setGroup(GroupMember group) {
        this.group = group;
    }


}

My custom interceptor Code:

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package org.dejavu.software.interceptor;

import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import java.util.Map;
import org.apache.struts2.StrutsStatics;

/**
 *
 * @author Anministrator
 */
public class LoginInterceptor extends AbstractInterceptor implements StrutsStatics {

    private static final long serialVersionUID = -3874262922233957387L;

    @Override
    public void destroy() {
    }

    @Override
    public void init() {
    }

    @Override
    public String intercept(ActionInvocation ai) throws Exception {
        Map<String, Object> session = ai.getInvocationContext().getSession();
        Object user = session.get("userLogged");

        if (user == null) {
            return "login";
        } else {
            return ai.invoke();
        }
    }
}

my struts config

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">

<struts>

    <package name="default" namespace="/" extends="struts-default">
        <action name="index" class="org.dejavu.software.view.HomeAction">
            <result>home.jsp</result>
        </action>
        <action name="about" class="org.dejavu.software.view.AboutHomeAction">
            <result>about.jsp</result>
        </action>
    </package>  

    <package name="admincp" namespace="/admincp" extends="struts-default">
        <interceptors>
            <interceptor name="login" class="org.dejavu.software.interceptor.LoginInterceptor" />
            <interceptor-stack name="stack-with-login">
                <interceptor-ref name="login"/>
                <interceptor-ref name="defaultStack"/>
            </interceptor-stack>
        </interceptors>
        <default-interceptor-ref name="stack-with-login"/>

        <global-results>
            <result name="login">login.jsp</result>
        </global-results>

        <action name="logincp" class="org.dejavu.software.view.AdminLoginAction">
            <result name="success">dashboard.jsp</result>
            <result name="input">login.jsp</result>
            <result name="error">login.jsp</result>
        </action>

    </package>  

</struts>

When i enter correct username and password match to database it till redirect to login.jsp page

and i have no idea about that

please help me

Thank you very much

È stato utile?

Soluzione

You must configure your login action to use default interceptor stack or it will NOT execute your method because your interceptor will return login result.

<action name="logincp" class="org.dejavu.software.view.AdminLoginAction">
  <interceptor-ref name="defaultStack" />
  <result name="success">dashboard.jsp</result>
  <result name="input">login.jsp</result>
  <result name="error">login.jsp</result>
</action>

Altri suggerimenti

you also have to check whether user is trying to log in for first time or not.

Because when user tries to log in first time, the session will always be null it will redirect to login page.

For this you can use one other parameter in your login form to check whether user is trying to log in for first time inside interceptor and if yes then invoke the action.

for example:

<form action='' method=''>
    <input type='hidden' name='firstLogin' value='1'/>
    <input type='text' name='username'/>
    <input type='password' name='password'/>
</form>

I used plain html in this code may be you are using struts2-tags so you can implement in that way also.

And inside your Interceptor check.

request = ai.getInvocationContext().get(HTTP_REQUEST);
if(user == null)
{
    if(!StringUtils.isEmpty(request.getParameter('firstLogin'))){
        return ai.invoke();
    }
    return "login";
}
else{
    return ai.invoke();
}
Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top