You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by mr...@apache.org on 2003/10/24 04:35:02 UTC
cvs commit: jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet AuthorizeAction.java RequestNoCache.java SelectForward.java SetContentType.java
mrdon 2003/10/23 19:35:02
Modified: contrib/struts-chain/src/conf chain-config.xml
Added: contrib/struts-chain/src/java/org/apache/struts/chain
AbstractAuthorizeAction.java
AbstractRequestNoCache.java
AbstractSelectForward.java
AbstractSetContentType.java
contrib/struts-chain/src/java/org/apache/struts/chain/servlet
AuthorizeAction.java RequestNoCache.java
SelectForward.java SetContentType.java
Log:
Adding in some missing pieces. Pretty much straight one-to-one mappings of
RequestProcessor methods to chain actions.
Revision Changes Path
1.6 +26 -5 jakarta-struts/contrib/struts-chain/src/conf/chain-config.xml
Index: chain-config.xml
===================================================================
RCS file: /home/cvs/jakarta-struts/contrib/struts-chain/src/conf/chain-config.xml,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- chain-config.xml 10 Oct 2003 04:26:16 -0000 1.5
+++ chain-config.xml 24 Oct 2003 02:35:02 -0000 1.6
@@ -66,9 +66,9 @@
processLocale SelectLocale
- processContent NOT SUPPORTED YET
+ processContent SetContentType
- processNoCache NOT SUPPORTED YET
+ processNoCache RequestNoCache
processPreprocess LookupCommand with optional="true". Multiple
occurrences of this can easily be added, to
@@ -78,7 +78,7 @@
processMapping SelectAction (which also does processPath)
- processRoles NOT SUPPORTED YET
+ processRoles AuthorizeAction
processActionForm CreateActionForm
@@ -86,7 +86,7 @@
processValidate ValidateActionForm / SelectInput
- processForward NOT SUPPORTED YET
+ processForward SelectForward
processInclude NOT SUPPORTED YET
@@ -116,11 +116,26 @@
<!-- Identify the Locale for this request -->
<command
className="org.apache.struts.chain.servlet.SelectLocale"/>
+
+
+ <!-- Set (if needed) no cache HTTP response headers -->
+ <command
+ className="org.apache.struts.chain.servlet.RequestNoCache"/>
+
+
+ <!-- Set (if needed) the HTTP response content type -->
+ <command
+ className="org.apache.struts.chain.servlet.SetContentType"/>
<!-- Identify the ActionConfig for this request -->
<command
className="org.apache.struts.chain.servlet.SelectAction"/>
+
+
+ <!-- Authorize the selected ActionConfig for this request -->
+ <command
+ className="org.apache.struts.chain.servlet.AuthorizeAction"/>
<!-- Create (if needed) the ActionForm for this request -->
@@ -141,6 +156,12 @@
<!-- Select the appropriate ForwardConfig for return to input page -->
<command
className="org.apache.struts.chain.servlet.SelectInput"/>
+
+
+ <!-- Select the appropriate ForwardConfig for action mappings that only
+ have an ActionForward -->
+ <command
+ className="org.apache.struts.chain.servlet.SelectForward"/>
<!-- Create (if needed) the Action for this request -->
1.1 jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/AbstractAuthorizeAction.java
Index: AbstractAuthorizeAction.java
===================================================================
/*
* $Header: /home/cvs/jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/AbstractAuthorizeAction.java,v 1.1 2003/10/24 02:35:02 mrdon Exp $
* $Revision: 1.1 $
* $Date: 2003/10/24 02:35:02 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Struts", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.struts.chain;
import org.apache.commons.beanutils.DynaBean;
import org.apache.commons.chain.Command;
import org.apache.commons.chain.Context;
import org.apache.commons.chain.web.WebContext;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionServlet;
import org.apache.struts.action.DynaActionForm;
import org.apache.struts.action.DynaActionFormClass;
import org.apache.struts.chain.Constants;
import org.apache.struts.chain.util.ClassUtils;
import org.apache.struts.config.ActionConfig;
import org.apache.struts.config.FormBeanConfig;
/**
* <p>Determine whether the requested action is authorized for the current
* user. If not, abort chain processing and perferably, return an error
* message of some kind.</p>
*
* @author Don Brown
* @version $Revision: 1.1 $ $Date: 2003/10/24 02:35:02 $
*/
public abstract class AbstractAuthorizeAction implements Command {
// ------------------------------------------------------ Instance Variables
private String actionConfigKey = Constants.ACTION_CONFIG_KEY;
// -------------------------------------------------------------- Properties
/**
* <p>Return the context attribute key under which the
* <code>ActionConfig</code> for the currently selected application
* action is stored.</p>
*/
public String getActionConfigKey() {
return (this.actionConfigKey);
}
/**
* <p>Set the context attribute key under which the
* <code>ActionConfig</code> for the currently selected application
* action is stored.</p>
*
* @param actionConfigKey The new context attribute key
*/
public void setActionConfigKey(String actionConfigKey) {
this.actionConfigKey = actionConfigKey;
}
// ---------------------------------------------------------- Public Methods
/**
* <p>Determine whether the requested action is authorized for the current
* user. If not, abort chain processing and perferably, return an error
* message of some kind.</p>
*
* @param context The <code>Context</code> for the current request
*
* @return <code>false</code> if the user is authorized for the selected
* action, else <code>true</code> to abort processing.
*/
public boolean execute(Context context) throws Exception {
// Retrieve ActionConfig
ActionConfig actionConfig = (ActionConfig)
context.get(getActionConfigKey());
// Is this action protected by role requirements?
String roles[] = actionConfig.getRoleNames();
if ((roles == null) || (roles.length < 1)) {
return (false);
}
return !(isAuthorized(context, roles, actionConfig));
}
// ------------------------------------------------------- Protected Methods
/**
* <p>Determine if the action is authorized for the given roles.</p>
*
* @param context The <code>Context</code> for the current request
* @param roles An array of valid roles for this request
* @param actionConfig The current action mapping
*
* @return <code>true</code> if the request is authorized, else
* <code>false</code>
* @exception If the action cannot be tested for authorization
*/
protected abstract boolean isAuthorized(Context context, String[] roles,
ActionConfig actionConfig)
throws Exception;
}
1.1 jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/AbstractRequestNoCache.java
Index: AbstractRequestNoCache.java
===================================================================
/*
* $Header: /home/cvs/jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/AbstractRequestNoCache.java,v 1.1 2003/10/24 02:35:02 mrdon Exp $
* $Revision: 1.1 $
* $Date: 2003/10/24 02:35:02 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Struts", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.struts.chain;
import org.apache.commons.chain.Command;
import org.apache.commons.chain.Context;
import org.apache.commons.chain.web.WebContext;
import org.apache.struts.Globals;
import org.apache.struts.chain.Constants;
import org.apache.struts.config.ModuleConfig;
/**
* <p>Check to see if the controller is configured to prevent caching,
* and if so, request no cache flags to be set.</p>
*
* @author Don Brown
* @version $Revision: 1.1 $ $Date: 2003/10/24 02:35:02 $
*/
public abstract class AbstractRequestNoCache implements Command {
// ------------------------------------------------------ Instance Variables
private String moduleConfigKey = Constants.MODULE_CONFIG_KEY;
// -------------------------------------------------------------- Properties
/**
* <p>Return the context attribute key under which the
* <code>ModuleConfig</code> for the currently selected application
* module is stored.</p>
*/
public String getModuleConfigKey() {
return (this.moduleConfigKey);
}
/**
* <p>Set the context attribute key under which the
* <code>ModuleConfig</code> for the currently selected application
* module is stored.</p>
*
* @param moduleConfigKey The new context attribute key
*/
public void setModuleConfigKey(String moduleConfigKey) {
this.moduleConfigKey = moduleConfigKey;
}
// ---------------------------------------------------------- Public Methods
/**
* <p>Check to see if the controller is configured to prevent caching,
* and if so, request no cache flags to be set.</p>
*
* @param context The <code>Context</code> for the current request
*
* @return <code>false</code> so that processing continues
*/
public boolean execute(Context context) throws Exception {
// Retrieve the ModuleConfig instance
WebContext wcontext = (WebContext) context;
ModuleConfig moduleConfig = (ModuleConfig)
wcontext.get(getModuleConfigKey());
// If the module is configured for no caching, request no caching
if (moduleConfig.getControllerConfig().getNocache()) {
requestNoCache(context);
}
return (false);
}
// ------------------------------------------------------- Protected Methods
/**
* <p>Request no cache flags are set.</p>
*
* @param context The <code>Context</code> for this request
*/
protected abstract void requestNoCache(Context context);
}
1.1 jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/AbstractSelectForward.java
Index: AbstractSelectForward.java
===================================================================
/*
* $Header: /home/cvs/jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/AbstractSelectForward.java,v 1.1 2003/10/24 02:35:02 mrdon Exp $
* $Revision: 1.1 $
* $Date: 2003/10/24 02:35:02 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Struts", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.struts.chain;
import org.apache.commons.chain.Command;
import org.apache.commons.chain.Context;
import org.apache.struts.chain.Constants;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.config.ActionConfig;
import org.apache.struts.config.ForwardConfig;
import org.apache.struts.config.ModuleConfig;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* <p>Select and cache the <code>ActionForward</code> for this
* <code>ActionConfig</code> if specified.</p>
*
* @author Don Brown
* @version $Revision: 1.1 $ $Date: 2003/10/24 02:35:02 $
*/
public abstract class AbstractSelectForward implements Command {
// ------------------------------------------------------ Instance Variables
private String actionConfigKey = Constants.ACTION_CONFIG_KEY;
private String forwardConfigKey = Constants.FORWARD_CONFIG_KEY;
private String validKey = Constants.VALID_KEY;
private static final Log log =
LogFactory.getLog(AbstractSelectForward.class);
// -------------------------------------------------------------- Properties
/**
* <p>Return the context attribute key under which the
* <code>ActionConfig</code> for the currently selected application
* action is stored.</p>
*/
public String getActionConfigKey() {
return (this.actionConfigKey);
}
/**
* <p>Set the context attribute key under which the
* <code>ActionConfig</code> for the currently selected application
* action is stored.</p>
*
* @param actionConfigKey The new context attribute key
*/
public void setActionConfigKey(String actionConfigKey) {
this.actionConfigKey = actionConfigKey;
}
/**
* <p>Return the context attribute key under which the
* <code>ForwardConfig</code> for the currently selected application
* action is stored.</p>
*/
public String getForwardConfigKey() {
return (this.forwardConfigKey);
}
/**
* <p>Set the context attribute key under which the
* <code>ForwardConfig</code> for the currently selected application
* action is stored.</p>
*
* @param forwardConfigKey The new context attribute key
*/
public void setForwardConfigKey(String forwardConfigKey) {
this.forwardConfigKey = forwardConfigKey;
}
/**
* <p>Return the context attribute key under which the
* validity flag for this request is stored.</p>
*/
public String getValidKey() {
return (this.validKey);
}
/**
* <p>Set the context attribute key under which the
* validity flag for this request is stored.</p>
*
* @param validKey The new context attribute key
*/
public void setValidKey(String validKey) {
this.validKey = validKey;
}
// ---------------------------------------------------------- Public Methods
/**
* <p>Select and cache the <code>ActionForward</code> for this
* <code>ActionConfig</code> if specified.</p>
*
* @param context The <code>Context</code> for the current request
*
* @return <code>false</code> so that processing continues
*/
public boolean execute(Context context) throws Exception {
// Skip processing if the current request is not valid
Boolean valid = (Boolean) context.get(getValidKey());
if ((valid == null) || !valid.booleanValue()) {
return (false);
}
// Acquire configuration objects that we need
ActionConfig actionConfig = (ActionConfig)
context.get(getActionConfigKey());
ModuleConfig moduleConfig = actionConfig.getModuleConfig();
// Cache an ForwardConfig back to our input page
ForwardConfig forwardConfig = null;
String forward = actionConfig.getForward();
if (forward != null) {
if (moduleConfig.getControllerConfig().getInputForward()) {
if (log.isTraceEnabled()) {
log.trace("Finding ForwardConfig for '" + forward + "'");
}
forwardConfig = actionConfig.findForwardConfig(forward);
if (forwardConfig == null) {
forwardConfig = moduleConfig.findForwardConfig(forward);
}
} else {
if (log.isTraceEnabled()) {
log.trace("Delegating to forward() for '" + forward + "'");
}
forwardConfig = forward(context, moduleConfig, forward);
}
if (log.isDebugEnabled()) {
log.debug("Forwarding back to " + forwardConfig);
}
context.put(getForwardConfigKey(), forwardConfig);
}
return (false);
}
// ------------------------------------------------------- Protected Methods
/**
* <p>Create and return a <code>ForwardConfig</code> representing the
* specified module-relative destination.</p>
*
* @param context The context for this request
* @param moduleConfig The <code>ModuleConfig</code> for this request
* @param uri The module-relative URI to be the destination
*/
protected abstract ForwardConfig forward(Context context,
ModuleConfig moduleConfig,
String uri);
}
1.1 jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/AbstractSetContentType.java
Index: AbstractSetContentType.java
===================================================================
/*
* $Header: /home/cvs/jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/AbstractSetContentType.java,v 1.1 2003/10/24 02:35:02 mrdon Exp $
* $Revision: 1.1 $
* $Date: 2003/10/24 02:35:02 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Struts", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.struts.chain;
import org.apache.commons.chain.Command;
import org.apache.commons.chain.Context;
import org.apache.commons.chain.web.WebContext;
import org.apache.struts.Globals;
import org.apache.struts.chain.Constants;
import org.apache.struts.config.ModuleConfig;
/**
* <p>Check to see if the content type is set, and if so, set it for this
* response.</p>
*
* @author Don Brown
* @version $Revision: 1.1 $ $Date: 2003/10/24 02:35:02 $
*/
public abstract class AbstractSetContentType implements Command {
// ------------------------------------------------------ Instance Variables
private String moduleConfigKey = Constants.MODULE_CONFIG_KEY;
// -------------------------------------------------------------- Properties
/**
* <p>Return the context attribute key under which the
* <code>ModuleConfig</code> for the currently selected application
* module is stored.</p>
*/
public String getModuleConfigKey() {
return (this.moduleConfigKey);
}
/**
* <p>Set the context attribute key under which the
* <code>ModuleConfig</code> for the currently selected application
* module is stored.</p>
*
* @param moduleConfigKey The new context attribute key
*/
public void setModuleConfigKey(String moduleConfigKey) {
this.moduleConfigKey = moduleConfigKey;
}
// ---------------------------------------------------------- Public Methods
/**
* <p>Check to see if the content type is set, and if so, set it for this
* response.</p>
*
* @param context The <code>Context</code> for the current request
*
* @return <code>false</code> so that processing continues
*/
public boolean execute(Context context) throws Exception {
// Retrieve the ModuleConfig instance
WebContext wcontext = (WebContext) context;
ModuleConfig moduleConfig = (ModuleConfig)
wcontext.get(getModuleConfigKey());
// If the content type is configured, set it for the response
String contentType =
moduleConfig.getControllerConfig().getContentType();
if (contentType != null) {
setContentType(context, contentType);
}
return (false);
}
// ------------------------------------------------------- Protected Methods
/**
* <p>Request no cache flags are set.</p>
*
* @param context The <code>Context</code> for this request
* @param contentType The content type for the response
*/
protected abstract void setContentType(Context context, String contentType);
}
1.1 jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet/AuthorizeAction.java
Index: AuthorizeAction.java
===================================================================
/*
* $Header: /home/cvs/jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet/AuthorizeAction.java,v 1.1 2003/10/24 02:35:02 mrdon Exp $
* $Revision: 1.1 $
* $Date: 2003/10/24 02:35:02 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Struts", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.struts.chain.servlet;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.chain.Context;
import org.apache.commons.chain.web.servlet.ServletWebContext;
import org.apache.struts.action.ActionServlet;
import org.apache.struts.chain.AbstractAuthorizeAction;
import org.apache.struts.chain.Constants;
import org.apache.struts.config.ActionConfig;
import org.apache.struts.config.ModuleConfig;
import org.apache.struts.util.MessageResources;
/**
* <p>Determine if the action is authorized for the given roles.</p>
*
* @author Don Brown
* @version $Revision: 1.1 $ $Date: 2003/10/24 02:35:02 $
*/
public class AuthorizeAction extends AbstractAuthorizeAction {
// ------------------------------------------------------- Protected Methods
protected boolean isAuthorized(Context context, String[] roles,
ActionConfig mapping) throws Exception {
// Identify the HTTP request and response objects
ServletWebContext swcontext = (ServletWebContext) context;
HttpServletRequest request = swcontext.getRequest();
HttpServletResponse response = swcontext.getResponse();
// Check the current user against the list of required roles
for (int i = 0; i < roles.length; i++) {
if (request.isUserInRole(roles[i])) {
return (true);
}
}
// Retrieve internal message resources
ActionServlet servlet =
(ActionServlet) context.get(Constants.ACTION_SERVLET_KEY);
MessageResources resources = servlet.getInternal();
// The current user is not authorized for this action
response.sendError(
HttpServletResponse.SC_FORBIDDEN,
resources.getMessage("notAuthorized", mapping.getPath()));
return (false);
}
}
1.1 jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet/RequestNoCache.java
Index: RequestNoCache.java
===================================================================
/*
* $Header: /home/cvs/jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet/RequestNoCache.java,v 1.1 2003/10/24 02:35:02 mrdon Exp $
* $Revision: 1.1 $
* $Date: 2003/10/24 02:35:02 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Struts", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.struts.chain.servlet;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.chain.Context;
import org.apache.commons.chain.web.servlet.ServletWebContext;
import org.apache.struts.chain.AbstractRequestNoCache;
import org.apache.struts.chain.Constants;
import org.apache.struts.config.ActionConfig;
import org.apache.struts.config.ModuleConfig;
/**
* <p>Check to see if the controller is configured to prevent caching,
* and if so, set the no cache HTTP response headers.</p>
*
* @author Don Brown
* @version $Revision: 1.1 $ $Date: 2003/10/24 02:35:02 $
*/
public class RequestNoCache extends AbstractRequestNoCache {
// ------------------------------------------------------- Protected Methods
protected void requestNoCache(Context context) {
ServletWebContext swcontext = (ServletWebContext) context;
HttpServletResponse response = swcontext.getResponse();
response.setHeader("Pragma", "No-cache");
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expires", 1);
}
}
1.1 jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet/SelectForward.java
Index: SelectForward.java
===================================================================
/*
* $Header: /home/cvs/jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet/SelectForward.java,v 1.1 2003/10/24 02:35:02 mrdon Exp $
* $Revision: 1.1 $
* $Date: 2003/10/24 02:35:02 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Struts", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.struts.chain.servlet;
import org.apache.commons.chain.Context;
import org.apache.commons.chain.web.servlet.ServletWebContext;
import org.apache.struts.Globals;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.chain.AbstractSelectForward;
import org.apache.struts.chain.Constants;
import org.apache.struts.config.ActionConfig;
import org.apache.struts.config.ForwardConfig;
import org.apache.struts.config.ModuleConfig;
/**
* <p>Create and return a <code>ForwardConfig</code> representing the
* specified module-relative destination.</p>
*
* @author Don Brown
* @version $Revision: 1.1 $ $Date: 2003/10/24 02:35:02 $
*/
public class SelectForward extends AbstractSelectForward {
// ------------------------------------------------------- Protected Methods
/**
* <p>Create and return a <code>ForwardConfig</code> representing the
* specified module-relative destination.</p>
*
* @param context The context for this request
* @param moduleConfig The <code>ModuleConfig</code> for this request
* @param uri The module-relative URI to be the destination
*/
protected ForwardConfig forward(Context context,
ModuleConfig moduleConfig,
String uri) {
return (new ActionForward(null, moduleConfig.getPrefix() + uri,
false, true));
}
}
1.1 jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet/SetContentType.java
Index: SetContentType.java
===================================================================
/*
* $Header: /home/cvs/jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet/SetContentType.java,v 1.1 2003/10/24 02:35:02 mrdon Exp $
* $Revision: 1.1 $
* $Date: 2003/10/24 02:35:02 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Struts", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.struts.chain.servlet;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.chain.Context;
import org.apache.commons.chain.web.servlet.ServletWebContext;
import org.apache.struts.chain.AbstractSetContentType;
import org.apache.struts.chain.Constants;
import org.apache.struts.config.ActionConfig;
import org.apache.struts.config.ModuleConfig;
/**
* <p>Check to see if the content type is set, and if so, set it for this
* response.</p>
*
* @author Don Brown
* @version $Revision: 1.1 $ $Date: 2003/10/24 02:35:02 $
*/
public class SetContentType extends AbstractSetContentType {
// ------------------------------------------------------- Protected Methods
protected void setContentType(Context context, String contentType) {
ServletWebContext swcontext = (ServletWebContext) context;
HttpServletResponse response = swcontext.getResponse();
response.setContentType(contentType);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org
Re: cvs commit: jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet
AuthorizeAction.java RequestNoCache.java SelectForward.java SetContentType.java
Posted by Don Brown <mr...@twdata.org>.
On Fri, 24 Oct 2003, Craig R. McClanahan wrote:
<snip />
> I agree that we would need the exception class, but why do we need
> anything other than the standard handler (o.a.s.c.ExceptionCatcher)? It
> fires off an exception handling chain, and the default handler there
> already looks at your <exception> settings in struts-config.xml to
> figure out what to do for any arbitrary exception class. It's up to the
> app to handle UnauthorizedException however it wants, just like it's up
> to the app to handle an SQLException (or any other type, for that
> matter) returned from an Action.
>
> While we're at it, there are a few other places where Struts 1.1 returns
> an HTTP error; they should be evaluated for being treated the same way
> in a chain-based request processor.
That works for me - I was under the assumption 100% backwards
compatibility was the goal (i.e. drop-in replacement). I'll write it up.
Don
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org
Re: cvs commit: jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet
AuthorizeAction.java RequestNoCache.java SelectForward.java SetContentType.java
Posted by "Craig R. McClanahan" <cr...@apache.org>.
Don Brown wrote:
>On Fri, 24 Oct 2003, Craig R. McClanahan wrote:
><snip />
>
>
>>Welcome to the "Chain Gang" Don! :-)
>>
>>
>
>With a snappy name like that, we should t-shirts printed up :)
>
>
>
:-)
>>I noticed that your implementation of AuthorizeAction does the same
>>thing that the current Struts RequestProcessor does if authorization
>>fails -- sends a "Bad Request" (status 400) message back. One thing we
>>might consider instead is throwing a Struts-defined authentication
>>exception, which would allow the exception handling mechanism to decide
>>what to do instead.
>>
>>One nice feature of using the chain approach is that the exception
>>handler (o.a.s.c.ExceptionCatcher) can handle exceptions thrown by
>>*anything* that executes after it is installed in the chain, not just
>>exceptions thrown by Actions. This allows us to use exceptions to
>>enable application-defined handling of lots of exceptional events from
>>the framework as well, rather than simply throwing a 400 response. In
>>addition, sending a 400 isn't going to be possible in a portlet world
>>anyway, so we might as well start thinking about what to do instead, and
>>make it consistent in servlets as well.
>>
>>What do you think?
>>
>>
>
>Good point. I could have it throw an UnauthorizedException which is
>handled by UnauthorizedExceptionHandler in the servlet-exception chain
>before ExceptionHandler. This of course would entail creating
>o.a.s.c.AbstractUnauthorizedExceptionHandler,
>o.a.s.c.UnauthorizedException, and
>o.a.s.c.s.UnauthorizedExceptionHandler which kinda seems like a lot of
>code for one line in the case of a servlet environment.
>
>
>
I agree that we would need the exception class, but why do we need
anything other than the standard handler (o.a.s.c.ExceptionCatcher)? It
fires off an exception handling chain, and the default handler there
already looks at your <exception> settings in struts-config.xml to
figure out what to do for any arbitrary exception class. It's up to the
app to handle UnauthorizedException however it wants, just like it's up
to the app to handle an SQLException (or any other type, for that
matter) returned from an Action.
While we're at it, there are a few other places where Struts 1.1 returns
an HTTP error; they should be evaluated for being treated the same way
in a chain-based request processor.
>>>From how I understand it, as it stands, in a portlet environment, a whole
>new chain config would have to be used anyways due to most implementing
>classes depending on servlet apis. Therefore, to handle an unauthorized
>case for a portlet, the only addition code would be a different
>AuthorizeAction implementation, which would need to be provided anyways.
>
>That said, I think throwing an exception is the more logical choice, but
>it does add several more classes with little functional improvement. Of
>course, this is really a trivial part to the whole chain so whatever
>you think is best, I'll code it up :)
>
>Don
>
>
>
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org
Re: cvs commit: jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet
AuthorizeAction.java RequestNoCache.java SelectForward.java SetContentType.java
Posted by Don Brown <mr...@twdata.org>.
On Fri, 24 Oct 2003, Craig R. McClanahan wrote:
<snip />
> Welcome to the "Chain Gang" Don! :-)
With a snappy name like that, we should t-shirts printed up :)
> I noticed that your implementation of AuthorizeAction does the same
> thing that the current Struts RequestProcessor does if authorization
> fails -- sends a "Bad Request" (status 400) message back. One thing we
> might consider instead is throwing a Struts-defined authentication
> exception, which would allow the exception handling mechanism to decide
> what to do instead.
>
> One nice feature of using the chain approach is that the exception
> handler (o.a.s.c.ExceptionCatcher) can handle exceptions thrown by
> *anything* that executes after it is installed in the chain, not just
> exceptions thrown by Actions. This allows us to use exceptions to
> enable application-defined handling of lots of exceptional events from
> the framework as well, rather than simply throwing a 400 response. In
> addition, sending a 400 isn't going to be possible in a portlet world
> anyway, so we might as well start thinking about what to do instead, and
> make it consistent in servlets as well.
>
> What do you think?
Good point. I could have it throw an UnauthorizedException which is
handled by UnauthorizedExceptionHandler in the servlet-exception chain
before ExceptionHandler. This of course would entail creating
o.a.s.c.AbstractUnauthorizedExceptionHandler,
o.a.s.c.UnauthorizedException, and
o.a.s.c.s.UnauthorizedExceptionHandler which kinda seems like a lot of
code for one line in the case of a servlet environment.
>From how I understand it, as it stands, in a portlet environment, a whole
new chain config would have to be used anyways due to most implementing
classes depending on servlet apis. Therefore, to handle an unauthorized
case for a portlet, the only addition code would be a different
AuthorizeAction implementation, which would need to be provided anyways.
That said, I think throwing an exception is the more logical choice, but
it does add several more classes with little functional improvement. Of
course, this is really a trivial part to the whole chain so whatever
you think is best, I'll code it up :)
Don
>
> Craig
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-dev-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org
Re: cvs commit: jakarta-struts/contrib/struts-chain/src/java/org/apache/struts/chain/servlet
AuthorizeAction.java RequestNoCache.java SelectForward.java SetContentType.java
Posted by "Craig R. McClanahan" <cr...@apache.org>.
mrdon@apache.org wrote:
>mrdon 2003/10/23 19:35:02
>
> Modified: contrib/struts-chain/src/conf chain-config.xml
> Added: contrib/struts-chain/src/java/org/apache/struts/chain
> AbstractAuthorizeAction.java
> AbstractRequestNoCache.java
> AbstractSelectForward.java
> AbstractSetContentType.java
> contrib/struts-chain/src/java/org/apache/struts/chain/servlet
> AuthorizeAction.java RequestNoCache.java
> SelectForward.java SetContentType.java
> Log:
> Adding in some missing pieces. Pretty much straight one-to-one mappings of
> RequestProcessor methods to chain actions.
>
>
>
Welcome to the "Chain Gang" Don! :-)
I noticed that your implementation of AuthorizeAction does the same
thing that the current Struts RequestProcessor does if authorization
fails -- sends a "Bad Request" (status 400) message back. One thing we
might consider instead is throwing a Struts-defined authentication
exception, which would allow the exception handling mechanism to decide
what to do instead.
One nice feature of using the chain approach is that the exception
handler (o.a.s.c.ExceptionCatcher) can handle exceptions thrown by
*anything* that executes after it is installed in the chain, not just
exceptions thrown by Actions. This allows us to use exceptions to
enable application-defined handling of lots of exceptional events from
the framework as well, rather than simply throwing a 400 response. In
addition, sending a 400 isn't going to be possible in a portlet world
anyway, so we might as well start thinking about what to do instead, and
make it consistent in servlets as well.
What do you think?
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org