You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@struts.apache.org by Kevin Gibbs <ke...@ramesys.com> on 2000/09/22 15:54:51 UTC

Returning a standard jsp page

Is there a way to return a default page for every action without setting up
an entry for each action in action.xml?

Scenario:
We want to check if a user has "permission" to use an action, and if not
return them to a standard "Permission Denied" page.

Have I explained this enough?

Many Thanks - Kevin

----------------------------------------------------------------------------
---------
Kevin Gibbs	Email: kevin.gibbs@ramesys.com

Ramesys (AEC) Limited	Tel: +44 (0)29 2079 2260 Ext 201
1 Pascal Close	
St Mellons	Fax: +44 (0)29 2079 2504
Cardiff, UK		
CF3 0LW	Url: http://www.ramesys.com/aec

Re: Returning a standard jsp page

Posted by "Craig R. McClanahan" <Cr...@eng.sun.com>.

Kevin Gibbs wrote:

> Is there a way to return a default page for every action without setting up
> an entry for each action in action.xml?
>
> Scenario:
> We want to check if a user has "permission" to use an action, and if not
> return them to a standard "Permission Denied" page.
>
> Have I explained this enough?
>

With the current Struts, you can define a "global" forward definition by putting
the <forward> element outside of any <action> element:

    <action-mappings>
        <forward name="denied" path="/permission-denied.jsp">
        <action ...>
        <action ...>
    </action-mappings>

Then, in your action that checks for permission, just call:

    return (servlet.findForward("denied"));

to look up the logical definition of the "denied" forwarding element, and ask
the controller servlet to forward control to the corresponding page.

If you want the controller servlet to do this check for you automatically, so
that you don't have to check in every action, one approach would be to subclass
ActionServlet and override the processMapping() method, something like this:

    protected ActionMapping processMapping(String path) {
        if (user is allowed to access this path) {
            return (super.processMapping(path));
        else
            return (a special mapping for my denied message)
        }
    }

where the "special mapping" action would do the trick described above and look
up the right ActionForward.

This approach would centralize all the access control checking in one place.

>
> Many Thanks - Kevin
>

Craig

====================
See you at ApacheCon Europe <http://www.apachecon.com>!
Session VS01 (23-Oct 13h00-17h00):  Sun Technical Briefing
Session T06  (24-Oct 14h00-15h00):  Migrating Apache JServ
                                    Applications to Tomcat