Interceptors in Struts2 are, as their name implies, the interceptors.
For they place themselves in a state intemedio between the Struts2 filter that acts as a dispatcher and social action. Their purpose is to allow to run operations prior to execution of a method of an Action and / or change its outcome. Are generally used for common operations and cross nell'appliccativo. We say take care of one aspect of web application, because their logic, if you have used this technology, is very close AOP.
interceptor if they can define how many there are. Some are already present by default in Struts2 like the one that deals with the validation or the setting of the values \u200b\u200bposted by the browser in action. But posssiamo also define custom according to our needs.
Since there may be a + for indeed there always more than one (otherwise Struts2 does not work) they must be defined in the 'stack' so as to define the execution order. Let me give you a sketch and try to comment:
a request comes from the user to perform a specific action. The filter acts on the call and then launches into a ActionInvocation which contains the action to be performed and other info. ActionInvocation The event is intercepted by the interceptor stack defined in the first struts.xml as a stack for that action (can be customized to action).
Then it performs its operations on ActionInvocation and propagates. The
intercepts the second, and so on. After his
interceptor runs the action method required. The result (of type String)
is again intercepted by interceptors in reverse order before returning to the filter.
I said that it is very important the order in which interceptors are defined in the stack. Let's pretend that the third Mad Max is the one that is in charge of setting the parameters (passed in from the post after running the browser to submit a form) as attributes of action, Interceptor, and the second that of validation. The validation does not work or is it better not go all the attributes and then empty them valid. All this because the interceptor that with seven runs after that validation.
The interceptor stack and default struts.xml and are defined in each package contains their definition.
+ stack can be defined for the same package and any action can refer to what they need or the default.
Let the practice continue to extend our application "struts2tutorial. We introduce a feature: authentication. Create an interceptor that will determine whether the user is authenticated before they can perform an action defined protected. To define it we will use the protected struts.xml (as we shall see) and introduce a login form that will allow us to authenticate on the homepage. If the user is authenticated it will not be displayed, but only his username.
A user will be authenticated when it is present in the session, and to authenticate must enter the same username and password.
's start by defining the base stack that is what we have unconsciously used so far, in reality we just copy it from one defined in the struts-default.xml (remember that if you broaden the package).
Then open the file struts-default.xml that found in the root of the struts-core jar. \u0026lt;version>.
jar and copy this:
\u0026lt;interceptor-stack name="defaultStack">
\u0026lt; ; interceptor-ref name = "exception" />
\u0026lt;interceptor-ref name="alias"/>
<interceptor-ref name="servletConfig"/>
<interceptor-ref name="i18n"/>
<interceptor-ref name="prepare"/>
<interceptor-ref name="chain"/>
<interceptor-ref name="debugging"/>
<interceptor-ref name="scopedModelDriven"/>
<interceptor-ref name="modelDriven"/>
<interceptor-ref name="fileUpload"/>
<interceptor-ref name="checkbox"/>
<interceptor-ref name="multiselect"/>
<interceptor-ref name="staticParams"/>
<interceptor-ref name="actionMappingParams"/>
<interceptor-ref name="params">
<param name="excludeParams">dojo..*,^struts..*</param>
</interceptor-ref>
<interceptor-ref name="conversionError"/>
<interceptor-ref name="validation">
<param name="excludeMethods">input,back,cancel,browse</param>
</interceptor-ref>
<interceptor-ref name="workflow">
\u0026lt;param name="excludeMethods"> input, back, cancel, browse \u0026lt;/ param>
\u0026lt;/ interceptor-ref>
\u0026lt;/ interceptor-stack>
because I'll find an open search them so little understood as it is organized, what are the interceptors and the stack in place and how they are defined. For info on what I refer to the official documentation.
What you see is the definition of a stack. Notice how the 'actionMappingParams "is the first validation of the stack. Staying on the validation
remember I said that in the post, mostly by default skips input method? As you can see is because it is passed as parameter Interceptor that takes care of validation and of course now we can adjust as we want.
After copying struts.xml open the project and create the tag
\u0026lt;interceptors>
\u0026lt;/ interceptors>
stuck inside the stack and the name cambiategli defaultStack to turorialStack since we customize it.
Then define it as a new stack by default for all the action by inserting the following definition after the closing XML tag interceptors:
\u0026lt;default-interceptor-ref name="tutorialStack" />
Here is the struts
Momentary:
\u0026lt;!
DOCTYPE struts PUBLIC "- / / Apache Software Foundation / / DTD Struts Configuration 2.0 / / EN"
"http://struts.apache.org/dtds/struts -2.0.dtd ">
\u0026lt;struts>
\u0026lt;constant name="struts.objectFactory" value="spring" />
\u0026lt;package name =" / default "extends =" struts-default ">
\u0026lt;result-types>
\u0026lt;result-type name="tiles"
class="org.apache.struts2.views.tiles.TilesResult"
/> \u0026lt;/ result- types>
<interceptors>
<interceptor-stack name="tutorialStack">
<interceptor-ref name="exception" />
<interceptor-ref name="alias" />
<interceptor-ref name="servletConfig" />
<interceptor-ref name="i18n" />
<interceptor-ref name="prepare" />
<interceptor-ref name="chain" />
<interceptor-ref name="debugging" />
<interceptor-ref name="scopedModelDriven" />
<interceptor-ref name="modelDriven" />
<interceptor-ref name="fileUpload" />
<interceptor-ref name="checkbox" />
<interceptor-ref name="multiselect" />
<interceptor-ref name="staticParams" />
<interceptor-ref name="actionMappingParams" />
<interceptor-ref name="params">
<param name="excludeParams">dojo..*,^struts..*</param>
</interceptor-ref>
<interceptor-ref name="conversionError" />
<interceptor-ref name="validation">
<param name="excludeMethods">input,back,cancel,browse</param>
</interceptor-ref>
<interceptor-ref name="workflow">
<param name="excludeMethods">input,back,cancel,browse</param>
</interceptor-ref>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="tutorialStack" />
<action name="concatena_*" method="{1}" class="concatenaAction">
<result name="input" type="tiles">concatena</result>
<result name="submit" type="tiles">concatena</result>
</action>
<action name="testvalidazione_*" method="{1}" class="testValidazioneAction">
<result name="input" type="tiles">testValidazione</result>
<result name="submit" type="tiles">testValidazione</result>
</action>
\u0026lt;/ package>
\u0026lt;/ struts>
As you have guessed the stack can not extend the stack as the other package, and must be redesigned in its entirety. Instead inherit the definition of each interceptor (see it soon as you define it).
suggest you test the application to see if everything is as it was before.
In most cases in web applications or portals, managing the authenticated user is transverse to the application and to this reason we create a basic action that provides the authenticated user when necessary: \u200b\u200b
/ * *
*
*/
package com.blogspot.piergiuseppe82.struts2intro.action;
import java.util.Map;
import org.apache.struts2.dispatcher.SessionMap;
import org.apache.struts2.interceptor.SessionAware;
import com.opensymphony.xwork2.ActionSupport;
/**
* @author placava
*
*/
@SuppressWarnings("serial")
public abstract class AbstractBaseAction extends ActionSupport implements SessionAware{
private SessionMap<String, Object> session;
protected static final String USER_TUTORIAL = "USER_TUTORIAL";
public String getUtenteTuorial() {
try{
return (String)session.get(USER_TUTORIAL);
} catch (Exception e) {
return null;}
} @ Override public void
setSession (Map \u0026lt;String, Object> arg0) {session =
(SessionMap \u0026lt;String, Object>) arg0;}
public SessionMap \u0026lt;String, Object> getSession () {return session
;
}}
Note that we extended ActionSupport since it will be extended to all the action. In addition notice that implements the interface: SessionAware. This interface allows us to give us Struts2 from the session created by the http server. To this obliges us to implement the method setSession (Map arg0 \u0026lt;String, Object>). Then the method
getUtenteTutorial (), which is dedicated to providing the user session.
We create the action that takes care of authentication:
/ **
* * / package
com.blogspot.piergiuseppe82.struts2intro.action;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
/ ** * @ author
soothed
* * /
@ SuppressWarnings ("serial")
@ Component ("autenticazioneAction)
@ Scope (" request ") public
AutenticazioneAction class extends AbstractBaseAction {
private static final String LOGIN = "login";
private static final String LOGOUT = "logout";
private static final String INDEX = "index";
private static final String LOGIN_ERROR = "loginError"
private String username;
private String password;
public String input () {
addActionError ("do not have permission to perform the operation");
return INPUT;}
public String index () {
addActionMessage ( "Click on one of the functions");
return INDEX;
} public String login () {
if (username! = null & & username.equals (password)) {
getSession (). put (USER_TUTORIAL, username);
addActionMessage ("Hello" + username + ". Hello!");
return LOGIN;} else {
addActionError ("Error during the authentication process verifies the data entered ");
LOGIN_ERROR return;}
} public String logout () {
getSession (). invalidate ();
addActionMessage (" Log out successfully executed ");
LOGOUT return;}
GetUserName public String () {return username
;}
public void SetUserName (String username) {
this.username = username;}
GetPassword public String () {
return password;}
public void SetPassword (String password) {
this.password = password;
}}
As you can see extending the Action base in order to have validity in the class has access to the session and be all ' user. Then we
methods:
input - will be invoked as a redirect if the user is not authenticated to access a protected function.
login - will be the destination as the post form of authentication. It will decide if the user has valid credentials or not. In case of success puts ustente in session. In case of failure adds a ActionError (works like ActionMessage we already know)
logout - takes care of invalidating the session.
index - since the home will need the username of the user to view, instead of creating another action to just one method I preferred to put it here. This result did not have the index.jsp as a resource input but an action that will define the struts.xml with alias "index". Finally accessor methods to its attributes.
Following its validation AutenticazioneAction-validation.xml:
\u0026lt;? Xml version = "1.0" encoding = "UTF-8"?>
\u0026lt;! DOCTYPE validators PUBLIC "- / / OpenSymphony Group / / XWork Validator 1.0.2 / / EN "" http://www.opensymphony.com/xwork/xwork-validator-1.0.2.dtd ">
\u0026lt;validators>
\u0026lt;field name="username"> ;
\u0026lt;field-validator type="requiredstring" short-circuit="true">
\u0026lt;message> \u0026lt;! [CDATA [You must enter the username.]]> \u0026lt;/ message>
\u0026lt;/ field-validator>
\u0026lt;/ field> \u0026lt;field
name="password">
\u0026lt;field-validator type="requiredstring" short-circuit="true">
\u0026lt;message> \u0026lt;! [CDATA [You must enter the password.]]> \u0026lt;/ message>
\u0026lt;/ field-validator>
\u0026lt;/ field>
\u0026lt;/ validators>
First continue to take all other action to extend the application the AbstractBaseAction. Although this step is required only for the action that we want to define siucure a matter of logic should also run on the action that does not define safe.
We go to the heart, we create our interceptor
/ **
* * / package
com.blogspot.piergiuseppe82.struts2intro.interceptors;
import com.blogspot.piergiuseppe82.struts2intro.action.AbstractBaseAction;
com.opensymphony.xwork2.ActionInvocation import, import
com.opensymphony.xwork2.interceptor.AbstractInterceptor;
/ ** * @ author
soothed
* * /
@ SuppressWarnings ("serial") public class
AuthenticationInterceptor extends AbstractInterceptor
{private static final String NON_AUTENTICATO = "noAutenticato"
@ Override public String intercept (ActionInvocation invocation) throws Exception {
if (invocation.getAction () instanceof AbstractBaseAction) {action =
AbstractBaseAction (AbstractBaseAction) invocation.getAction ( )
if (action.getUtenteTuorial () == null So to create an interceptor simply create a concrete class that extends AbstractInterceptor which forces us to implement the method "intercept (ActionInvocation invocation)."
Within this method we have to put the interceptor logic. The method
example does is check whether the action contained in the action invocation is actually an instance of the type AbstractBaseAction. In case of successful calls his method "getUtenteTutorial ()", otherwise throws an exception. If the method getUtenteTutorial "provides a null or empty string returns as result the string" noAutenticato "which, as you will see + below, is mapped as a global-result in struts.xml. So if everything goes ok, continue with the invocation of the action (to be intercepted by the interceptor set as following).
So here is the complete and final struts.xml:
\u0026lt;!
DOCTYPE struts PUBLIC "- / / Apache Software Foundation / / DTD Struts Configuration 2.0 / / EN" "http://struts.apache. org/dtds/struts-2.0.dtd "> \u0026lt;struts>
\u0026lt;constant name="struts.objectFactory" value="spring" />
\u0026lt;package name =" / default "extends = "struts-default">
<result-types> <result-type name="tiles"
class="org.apache.struts2.views.tiles.TilesResult" />
</result-types>
<interceptors>
<interceptor-stack name="tutorialStack">
<interceptor-ref name="exception" />
<interceptor-ref name="alias" />
<interceptor-ref name="servletConfig" />
<interceptor-ref name="i18n" />
<interceptor-ref name="prepare" />
<interceptor-ref name="chain" />
<interceptor-ref name="debugging" />
<interceptor-ref name="scopedModelDriven" />
<interceptor-ref name="modelDriven" />
<interceptor-ref name="fileUpload" />
<interceptor-ref name="checkbox" />
<interceptor-ref name="multiselect" />
<interceptor-ref name="staticParams" />
<interceptor-ref name="actionMappingParams" />
<interceptor-ref name="params">
<param name="excludeParams">dojo..*,^struts..*</param>
</interceptor-ref>
<interceptor-ref name="conversionError" />
<interceptor-ref name="validation">
<param name="excludeMethods">input,back,cancel,browse,index,logout</param>
</interceptor-ref>
<interceptor-ref name="workflow">
<param name="excludeMethods">input,back,cancel,browse</param>
</interceptor-ref>
</interceptor-stack>
<interceptor-stack name="secureTutorialStack">
<interceptor-ref name="exception" />
<interceptor-ref name="alias" />
<interceptor-ref name="servletConfig" />
<interceptor-ref name="i18n" />
<interceptor-ref name="prepare" />
<interceptor-ref name="chain" />
<interceptor-ref name="debugging" />
<interceptor-ref name="scopedModelDriven" />
<interceptor-ref name="modelDriven" />
<interceptor-ref name="authenticationInterceptor" />
<interceptor-ref name="fileUpload" />
<interceptor-ref name="checkbox" />
<interceptor-ref name="multiselect" />
<interceptor-ref name="staticParams" />
<interceptor-ref name="actionMappingParams" />
<interceptor-ref name="params">
<param name="excludeParams">dojo..*,^struts..*</param>
</interceptor-ref>
<interceptor-ref name="conversionError" />
<interceptor-ref name="validation">
<param name="excludeMethods">input,back,cancel,browse,index,logout</param>
</interceptor-ref>
<interceptor-ref name="workflow">
<param name="excludeMethods">input,back,cancel,browse</param>
</interceptor-ref>
</interceptor-stack>
<interceptor name="authenticationInterceptor"
class="com.blogspot.piergiuseppe82.struts2intro.interceptors.AuthenticationInterceptor" />
</interceptors>
<default-interceptor-ref name="tutorialStack" />
<global-results>
<result name="noAutenticato" type="redirectAction">
<param name="actionName">autenticazione_input</param>
</result>
</global-results>
<action name="concatena_*" method="{1}" class="concatenaAction">
<interceptor-ref name="secureTutorialStack"/>
<result name="input" type="tiles">concatena</result>
<result name="submit" type="tiles">concatena</result>
</action>
<action name="testvalidazione_*" method="{1}" class="testValidazioneAction">
<result name="input" type="tiles">testValidazione</result>
<result name="submit" type="tiles">testValidazione</result>
</action>
<action name="autenticazione_*" method="{1}" class="autenticazioneAction">
<result name="input" type="tiles">homepage</result>
<result name="login" type="tiles">homepage</result>
<result name="logout" type="tiles">homepage</result>
<result name="loginError" type="tiles">homepage</result>
</action>
<action name="index" method="index" class="autenticazioneAction">
<result name="index" type="tiles">homepage</result>
\u0026lt;/ action>
\u0026lt;/ package>
\u0026lt;/ struts>
So, as you can see there are two stacks of interceptors "tutorialStack" and "secureStackTutorial. They are identical except that the second has our interceptor Authentication
\u0026lt;interceptor-ref name="authenticationInterceptor" />
that is mapped after the definition of the stack with the words:
\u0026lt; ; interceptor name = "authenticationInterceptor" class = "com.blogspot.piergiuseppe82.struts2intro.interceptors.AuthenticationInterceptor" />
Note also how I fixed the parameters interceptor validation so as not to be run on the methods as "index" and "logout". Immediately after the
\u0026lt;interceptors> tag is defined (and must always be here) the default. Below is the global result "noAutenticato" that is "redirectAction" that makes call to the browser (with 302) with the action aka autenticazione_input "as the form for logging is that html is rendered after its running. How do we define what action should be performed under authentication and what not?
Simple enough to say that Struts2, that the action in question should not be intercepted by the stack defined as default, but one defined by the name "secureTutorialStack. To do this you have to put the tags \u0026lt;action ..> ... .. \u0026lt;/ action> the following definition:
\u0026lt;interceptor-ref name="secureTutorialStack"/>
If
I look at the struts.xml defined as the only safe ConcatenaAction no other, so that to access the functionality the user will be logged.
From this you can understand how to define + stack and how each of them may be associated with a + or action.
Ps: There are other techniques for determining which action and / or even as a method of action should be performed under authentication, such as interfaces or annotations. I usually use the annotation, I made the sample using the struts.xml just because the theme of the tutorials are interceptors, stacks and their uses.
I will list the other files involved in the changes.
The index.jsp is gone but there WebContent / pics / home.jsp that contains the form to login:
\u0026lt;% @ page language = "java" contentType = "text / html; charset = UTF-8 "
pageEncoding =" UTF-8 "%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<div class="main">
<div class="autenticazione">
<s:if test="utenteTuorial == empity">
<s:form action="autenticazione_login" method="post"> <s:textfield name="username" label="Username" /> <s:password name="password" label="Password" />
<s:submit name="submit" value="Login"/>
</s:form>
\u0026lt;/ S: if>
\u0026lt;s:else>
\u0026lt;s:form action="autenticazione_logout" method="post">
\u0026lt;strong> Hello \u0026lt;/ strong> \u0026lt;s: property value = "utenteTuorial "/>\u0026lt;/ strong>
\u0026lt;s:submit name="submit" value="Logout"/>
\u0026lt;/ s: form>
\u0026lt;/ s: else>
\u0026lt;/ div> \u0026lt;a
href="concatena_input.action"> Try Concatenate Action \u0026lt;/ a>
\u0026lt;br/>
\u0026lt;a href="testvalidazione_input.action"> Try Action Validation \u0026lt;/ a>
\u0026lt;br/>
\u0026lt;br/>
\u0026lt;br/>
\u0026lt;br/>
\u0026lt;br/>
\u0026lt;br/>
\u0026lt;br/>
\u0026lt;br/>
\u0026lt;/ div>
base frame and I added the tag for actionError:
\u0026lt;% @ page language = "java" contentType = "text / html; charset = UTF-8"
pageEncoding = "UTF-8"%>
\u0026lt;% @ taglib uri = "http://tiles.apache.org/tags-tiles" prefix = "tiles"%>
\u0026lt;% @ taglib prefix = " s "uri =" / struts-tags "%>
\u0026lt;! DOCTYPE html PUBLIC" - / / W3C / / DTD HTML 4.01 Transitional / / EN "" http://www.w3.org/TR/html4 / loose.dtd "> \u0026lt;html>
\u0026lt;head>
\u0026lt;meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
\u0026lt;title> Pergiuseppe 82 - Java e Oltre \u0026lt;/ title>
\u0026lt;link rel = "stylesheet" type="text/css" href="css/intro.css" media="all"> </head> <body>
<tiles:insertAttribute name="header" flush="false"/>
<div class="content">
<tiles:insertAttribute name="frame" flush="false"/>
<div class="areaMessaggi">
<strong>AREA MESSAGGI</strong>
<s:actionmessage/>
<s:actionerror/>
<s:fielderror/>
\u0026lt;/ Div>
\u0026lt;/ div>
\u0026lt;tiles:insertAttribute name="footer" flush="false"/>
\u0026lt;/ body>
\u0026lt;/ html>
and Last tiles.xml:
\u0026lt;! DOCTYPE tiles-definitions
PUBLIC "- / / Apache Software Foundation / / DTD Tiles Configuration 2.0 / / EN"
"http://tiles.apache.org/dtds/ tiles-config_2_0.dtd ">
\u0026lt;tiles-definitions>
\u0026lt;! - HOME BASE FRAME ->
\u0026lt;definition name =" baseframe " template="/baseFrame/baseFrame.jsp">
<put-attribute name="header" value="/blocks/header.jsp" />
<put-attribute name="footer" value="/blocks/footer.jsp" /> </definition>
<definition name="concatena" extends="baseFrame">
<put-attribute name="frame" value="/frames/concatenaFrame.jsp" />
</definition>
<definition name="testValidazione" extends="baseFrame">
<put-attribute name="frame" value="/frames/testValidazioneFrame.jsp" />
\u0026lt;/ definition>
\u0026lt;definition name="homepage" extends="baseFrame">
\u0026lt;put-attribute name="frame" value="/frames/home.jsp" />
\u0026lt;/ definition>
\u0026lt;/ tiles-definitions>
The Eclipse project files with complete and I have not mentioned can be found HERE
.
