You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by "BetBasoo, Peter" <pb...@mesirowfinancial.com> on 2013/01/12 04:17:00 UTC
Session Expired Interceptor
I have written a simple interceptor to check for an expired session. Here's the code:
public class ExpiredSessionInterceptor extends AbstractInterceptor implements Constants
{
private static final long serialVersionUID = 1L;
private String excludeActions = "";
public synchronized String intercept(ActionInvocation invocation) throws Exception
{
Map<String, Object> session = invocation.getInvocationContext().getSession();
String actionName = invocation.getProxy().getActionName();
if (excludeActions.indexOf(actionName) != -1) return invocation.invoke();
UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
if (userInfo == null)
{
return "loginRequired";
}
return invocation.invoke();
}
public void setExcludeActions(String values)
{
excludeActions = values;
}
}
And here's struts.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<constant name="struts.devMode" value="true" />
<package name="basicstruts2" extends="struts-default">
<interceptors>
<interceptor name="expiredSessionInterceptor" class="mesirow.struts.ExpiredSessionInterceptor" />
<interceptor-stack name="sessionExpirationStack">
<interceptor-ref name="expiredSessionInterceptor">
<param name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
</interceptor-ref>
<interceptor-ref name="defaultStack"/>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="sessionExpirationStack" />
<global-results>
<result name="loginRequired">loginRequired</result>
</global-results>
<action name="loginRequired">
<result>/expiredSession.jsp</result>
</action>
</package>
</struts>
I have traced into this code and it is correctly returning "loginRequired" when the user is not logged in. The problem is, the expiredSession.jsp is not being shown.
This app is entirely driven by ajax calls that return NONE from their struts action handlers.
What I observe is that instead of showing the expiredSession.jsp, the ajax call goes through to its action handler (and fails). Why is the action handler for an ajax call being called when I am returning "loginRequired"?
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
RE: Session Expired Interceptor
Posted by "BetBasoo, Peter" <pb...@mesirowfinancial.com>.
That is why I wound up doing.
-----Original Message-----
From: jlmagc@gmail.com [mailto:jlmagc@gmail.com]
Sent: Sunday, January 13, 2013 9:05 PM
To: Struts Users Mailing List
Subject: Re: Session Expired Interceptor
I also use a session expired interceptor. It detectes if the call is a standard navigation, or if it is a ajax call(looking for a header in the request). If it is a navigation, it redirects the user to sessionLogin. if it is a ajax call, it returns a custom http error code, which is deteced by the javascript handler, and it takes the user to the login screen.
Regards
JL
Sent via BlackBerry from T-Mobile
-----Original Message-----
From: "BetBasoo, Peter" <pb...@mesirowfinancial.com>
Date: Mon, 14 Jan 2013 01:31:04
To: Struts Users Mailing List<us...@struts.apache.org>
Reply-To: "Struts Users Mailing List" <us...@struts.apache.org>
Subject: RE: Session Expired Interceptor
Is there any way to cancel the ajax call and redirect to the expiredSession.jsp?
-----Original Message-----
From: Dave Newton [mailto:davelnewton@gmail.com]
Sent: Sunday, January 13, 2013 1:25 PM
To: Struts Users Mailing List
Subject: RE: Session Expired Interceptor
It's an ajax call-the results will be returned to the JavaScript that called it.
You need to handle the redirect on the client side.
Dave
On Jan 13, 2013 2:21 PM, "BetBasoo, Peter" <pb...@mesirowfinancial.com>
wrote:
> Chris:
>
> The javascript is expecting the result in XML format, not a jsp page.
>
> Isn't the interceptor supposed to redirect to expiredSession.jsp? In
> other words, isn't the ajax call that initiated this nullified because
> the interceptor returns "loginRequired"?
>
> That's the whole point of this global interceptor. If the session has
> expired, the user should be redirected to expiredSession.jsp,
> regardless of the call's origin.
>
> For example, the action I have defined below, getClientAccounts, is an
> ajax call. If the session has expired and the user clicks on the link
> that initiates this call, the user should be taken to expiredSession.jsp.
>
> Do I have to configure the result for "loginRequired" in this call? If
> so, I would have to do it for all of the ajax calls, so what would be
> the point of the global interceptor?
>
> What am I doing wrong?
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 11:27 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> Well, the action handler for step 6 hasn't been defined in struts.xml,
> so it will use the struts default action handler, which simply returns
> SUCCESS. That will trigger the JSP processor to process the
> /expiredSession.jsp and return it to the AJAX client, is that what the
> javascript handler is expecting?
> (*Chris*)
>
>
>
> On Sat, Jan 12, 2013 at 6:05 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > Chris:
> >
> > Thanks for your help. You touched on two key points.
> >
> > The login procedure is ajax driven and processing a successful login
> > (i.e., moving to the next page) is handled on the client side.
> >
> > Regarding point 6, this is in fact an ajax request. The action
> > handler returns NONE. There are no results defined for the ajax
> > action (getClientAccounts). The client side (javascript) handler for
> > this request does not process loginRequired because I thought that
> > it would never get to that point because of the interceptor. Is this
> > a valid
> assumption?
> >
> > -----Original Message-----
> > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > Sent: Saturday, January 12, 2013 4:19 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > That looks right to me (except for the fact that if the user logs in
> > there are no results for getClientAccounts).
> >
> >
> > 1. What should be happening is that Struts runs the interceptor stack,
> > finding your expiredSessionInterceptor first
> > 2. When it runs it, it finds that the user is not logged in and
> returns
> > "loginRequired"
> > 3. Struts looks in the action definition in struts.xml for a <result
> > name="loginRequired"> and doesn't find one
> > 4. Struts then looks at the global results for <result
> > name="loginRequired"> and finds a match
> > 5. It should then send a redirect to the browser specifying the
> > URL
> for
> > the "loginRequired" action
> > 6. At that point, since there is no action class assigned, the
> > "/expiredSession.jsp" file would be processed and returned to the
> > browser
> > (of course if this is an AJAX request, the JavaScript better be
> > expecting
> > whatever this .jsp file contains).
> >
> > but from your messages I'm assuming this is not what you're seeing.
> > You can either step through the process in the debugger and make
> > sure things are happening in that order, or (what I would probably
> > do) put log statements at each of those places (at the very least)
> > and make sure I'm seeing those events logged in the proper order.
> > Sorry, I can't be more helpful than that.
> >
> > (*Chris*)
> >
> >
> > On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
> > pbetbasoo@mesirowfinancial.com> wrote:
> >
> > > Yes, here's struts.xml with one ajax action (getClientAccounts).
> > > This action is executed when called even though the interceptor
> > > returns "loginRequired"
> > >
> > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > >
> > > <struts>
> > >
> > > <constant name="struts.devMode" value="true" />
> > >
> > > <package name="basicstruts2" extends="struts-default">
> > >
> > > <interceptors>
> > > <interceptor name="expiredSessionInterceptor"
> > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > <interceptor-stack
> name="sessionExpirationStack">
> > > <interceptor-ref
> > > name="expiredSessionInterceptor">
> > > <param
> > >
> > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLo
> > gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > </interceptor-ref>
> > > <interceptor-ref name="defaultStack"/>
> > > </interceptor-stack>
> > > </interceptors>
> > >
> > > <default-interceptor-ref name="sessionExpirationStack"
> > > />
> > >
> > > <global-results>
> > > <result type="redirectAction"
> > > name="loginRequired">loginRequired</result>
> > > </global-results>
> > >
> > > <action name="loginRequired">
> > > <result>/expiredSession.jsp</result>
> > > </action>
> > >
> > > <action name="getClientAccounts"
> > > class="mesirow.action.AccountActions"
> > method="getClientAccounts"></action>
> > > </package>
> > >
> > > </struts>
> > >
> > > -----Original Message-----
> > > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > > Sent: Saturday, January 12, 2013 3:11 PM
> > > To: Struts Users Mailing List
> > > Subject: Re: Session Expired Interceptor
> > >
> > > So you now have this in your struts.xml?
> > >
> > > <global-results>
> > > <result name="loginRequired"
> > > type="redirectAction">loginRequired</result>
> > > </global-results>
> > >
> > > (*Chris*)
> > >
> > >
> > >
> > > On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> > > pbetbasoo@mesirowfinancial.com> wrote:
> > >
> > > > I did put redirectAction action in, it's still not working. The
> > > > web page expiredSession.jsp is not being shown and there is no
> > > > indication of an error having occurred.
> > > >
> > > > When I try this, I observe that the action that initiated the
> > > > call is still being called, even though the interceptor returns
> > > > the loginRequired result.
> > > >
> > > > Any ideas?
> > > >
> > > > -----Original Message-----
> > > > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > > > Sent: Friday, January 11, 2013 9:27 PM
> > > > To: Struts Users Mailing List
> > > > Subject: RE: Session Expired Interceptor
> > > >
> > > > You are missing the redirectAction. Use something like this:
> > > >
> > > > <result name="programming"
> > > > type="redirectAction">programming</result>
> > > >
> > > > In your case it would be:
> > > >
> > > > <result name="loginRequired"
> > > > type="redirectAction">loginRequired</result>
> > > >
> > > > Regards,
> > > > Ajay Mahendru
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Dave Newton [mailto:davelnewton@gmail.com]
> > > > Sent: Friday, January 11, 2013 8:23 PM
> > > > To: Struts Users Mailing List
> > > > Subject: Re: Session Expired Interceptor
> > > >
> > > > I'm actually surprised it's not erroring out since the global
> > > > result should be a redirectAction since you're not forwarding to
> > > > a
> JSP.
> > > >
> > > > Dave
> > > >
> > > > (On mobile device, please forgive typos, bizarre autocompletes,
> > > > and
> > > > top-
> > > > quoting.)
> > > > On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > > > pbetbasoo@mesirowfinancial.com>
> > > > wrote:
> > > >
> > > > > I have written a simple interceptor to check for an expired
> session.
> > > > > Here's the code:
> > > > >
> > > > > public class ExpiredSessionInterceptor extends
> > > > > AbstractInterceptor implements Constants {
> > > > > private static final long serialVersionUID = 1L;
> > > > > private String excludeActions = "";
> > > > >
> > > > > public synchronized String intercept(ActionInvocation
> > > > > invocation) throws Exception
> > > > > {
> > > > > Map<String, Object> session =
> > > > > invocation.getInvocationContext().getSession();
> > > > > String actionName =
> > invocation.getProxy().getActionName();
> > > > > if (excludeActions.indexOf(actionName) != -1)
> > > > > return invocation.invoke();
> > > > >
> > > > > UserInfo userInfo = (UserInfo)
> > session.get(Attr_UserInfo);
> > > > > if (userInfo == null)
> > > > > {
> > > > > return "loginRequired";
> > > > > }
> > > > >
> > > > > return invocation.invoke();
> > > > > }
> > > > >
> > > > > public void setExcludeActions(String values)
> > > > > {
> > > > > excludeActions = values;
> > > > > }
> > > > > }
> > > > >
> > > > > And here's struts.xml
> > > > >
> > > > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > > > "-//Apache Software Foundation//DTD Struts Configuration
> 2.0//EN"
> > > > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > > > >
> > > > > <struts>
> > > > >
> > > > > <constant name="struts.devMode" value="true" />
> > > > >
> > > > > <package name="basicstruts2" extends="struts-default">
> > > > >
> > > > > <interceptors>
> > > > > <interceptor name="expiredSessionInterceptor"
> > > > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > > > <interceptor-stack name="sessionExpirationStack">
> > > > > <interceptor-ref
> > > > name="expiredSessionInterceptor">
> > > > > <param
> > > > >
> > > > name="excludeActions">login,logout,index,certLogin.jsp,condo,con
> > > > do Lo gi
> > > > n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > > > </interceptor-ref>
> > > > > <interceptor-ref name="defaultStack"/>
> > > > > </interceptor-stack>
> > > > > </interceptors>
> > > > >
> > > > > <default-interceptor-ref name="sessionExpirationStack"
> > > > > />
> > > > >
> > > > > <global-results>
> > > > > <result
> name="loginRequired">loginRequired</result>
> > > > > </global-results>
> > > > >
> > > > > <action name="loginRequired">
> > > > > <result>/expiredSession.jsp</result>
> > > > > </action>
> > > > >
> > > > > </package>
> > > > >
> > > > > </struts>
> > > > >
> > > > > I have traced into this code and it is correctly returning
> > > > "loginRequired"
> > > > > when the user is not logged in. The problem is, the
> > > > > expiredSession.jsp is not being shown.
> > > > >
> > > > > This app is entirely driven by ajax calls that return NONE
> > > > > from their struts action handlers.
> > > > >
> > > > > What I observe is that instead of showing the
> > > > > expiredSession.jsp, the ajax call goes through to its action
> > > > > handler (and fails). Why is the action handler for an ajax
> > > > > call being called when I am returning
> > > > "loginRequired"?
> > > > >
> > > > >
> > > > > Visit us on the Web at mesirowfinancial.com
> > > > >
> > > > > This communication may contain privileged and/or confidential
> > > > information.
> > > > > It is intended solely for the use of the addressee. If you are
> > > > > not the intended recipient, you are strictly prohibited from
> > > > > disclosing, copying, distributing or using any of this
> > > > > information. If you received this communication in error,
> > > > > please contact the sender immediately and destroy the material
> > > > > in its entirety, whether electronic
> > > > or hard copy.
> > > > > Confidential, proprietary or time-sensitive communications
> > > > > should not be transmitted via the Internet, as there can be no
> > > > > assurance of actual or timely delivery, receipt and/or
> > > > > confidentiality. This is not an offer, or solicitation of any
> > > > > offer to buy or sell any security, investment or other product.
> > > > >
> > > >
> > > > ----------------------------------------------------------------
> > > > --
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > > Visit us on the Web at mesirowfinancial.com
> > > >
> > > > This communication may contain privileged and/or confidential
> > > information.
> > > > It is intended solely for the use of the addressee. If you are
> > > > not the intended recipient, you are strictly prohibited from
> > > > disclosing, copying, distributing or using any of this
> > > > information. If you received this communication in error, please
> > > > contact the sender immediately and destroy the material in its
> > > > entirety, whether electronic
> > > or hard copy.
> > > > Confidential, proprietary or time-sensitive communications
> > > > should not be transmitted via the Internet, as there can be no
> > > > assurance of actual or timely delivery, receipt and/or
> > > > confidentiality. This is not an offer, or solicitation of any
> > > > offer to buy or sell any security, investment or other product.
> > > >
> > > >
> > > > ----------------------------------------------------------------
> > > > --
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from
> > > disclosing, copying, distributing or using any of this
> > > information. If you received this communication in error, please
> > > contact the sender immediately and destroy the material in its
> > > entirety, whether electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance
> > > of actual or timely delivery, receipt and/or confidentiality. This
> > > is not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> > >
> > > ------------------------------------------------------------------
> > > --
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not
> > the intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether
> > electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should
> > not be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is
> > not an offer, or solicitation of any offer to buy or sell any
> > security, investment or other product.
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
�B‹KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB•�È�[œÝXœØÜšX™K��K[XZ[
ˆ�\Ù\‹][œÝXœØÜšX™P�Ý�]�˘\�XÚ�K›Ü™ÃB‘›Üˆ�Y��]�[Û˜[��ÛÛ[X[™�Ë��K[XZ[
ˆ�\Ù\‹Z�[���Ý�]�˘\�XÚ�K›Ü™ÃB
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Expired Interceptor
Posted by jl...@gmail.com.
I also use a session expired interceptor. It detectes if the call is a standard navigation, or if it is a ajax call(looking for a header in the request). If it is a navigation, it redirects the user to sessionLogin. if it is a ajax call, it returns a custom http error code, which is deteced by the javascript handler, and it takes the user to the login screen.
Regards
JL
Sent via BlackBerry from T-Mobile
-----Original Message-----
From: "BetBasoo, Peter" <pb...@mesirowfinancial.com>
Date: Mon, 14 Jan 2013 01:31:04
To: Struts Users Mailing List<us...@struts.apache.org>
Reply-To: "Struts Users Mailing List" <us...@struts.apache.org>
Subject: RE: Session Expired Interceptor
Is there any way to cancel the ajax call and redirect to the expiredSession.jsp?
-----Original Message-----
From: Dave Newton [mailto:davelnewton@gmail.com]
Sent: Sunday, January 13, 2013 1:25 PM
To: Struts Users Mailing List
Subject: RE: Session Expired Interceptor
It's an ajax call-the results will be returned to the JavaScript that called it.
You need to handle the redirect on the client side.
Dave
On Jan 13, 2013 2:21 PM, "BetBasoo, Peter" <pb...@mesirowfinancial.com>
wrote:
> Chris:
>
> The javascript is expecting the result in XML format, not a jsp page.
>
> Isn't the interceptor supposed to redirect to expiredSession.jsp? In
> other words, isn't the ajax call that initiated this nullified because
> the interceptor returns "loginRequired"?
>
> That's the whole point of this global interceptor. If the session has
> expired, the user should be redirected to expiredSession.jsp,
> regardless of the call's origin.
>
> For example, the action I have defined below, getClientAccounts, is an
> ajax call. If the session has expired and the user clicks on the link
> that initiates this call, the user should be taken to expiredSession.jsp.
>
> Do I have to configure the result for "loginRequired" in this call? If
> so, I would have to do it for all of the ajax calls, so what would be
> the point of the global interceptor?
>
> What am I doing wrong?
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 11:27 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> Well, the action handler for step 6 hasn't been defined in struts.xml,
> so it will use the struts default action handler, which simply returns
> SUCCESS. That will trigger the JSP processor to process the
> /expiredSession.jsp and return it to the AJAX client, is that what the
> javascript handler is expecting?
> (*Chris*)
>
>
>
> On Sat, Jan 12, 2013 at 6:05 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > Chris:
> >
> > Thanks for your help. You touched on two key points.
> >
> > The login procedure is ajax driven and processing a successful login
> > (i.e., moving to the next page) is handled on the client side.
> >
> > Regarding point 6, this is in fact an ajax request. The action
> > handler returns NONE. There are no results defined for the ajax
> > action (getClientAccounts). The client side (javascript) handler for
> > this request does not process loginRequired because I thought that
> > it would never get to that point because of the interceptor. Is this
> > a valid
> assumption?
> >
> > -----Original Message-----
> > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > Sent: Saturday, January 12, 2013 4:19 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > That looks right to me (except for the fact that if the user logs in
> > there are no results for getClientAccounts).
> >
> >
> > 1. What should be happening is that Struts runs the interceptor stack,
> > finding your expiredSessionInterceptor first
> > 2. When it runs it, it finds that the user is not logged in and
> returns
> > "loginRequired"
> > 3. Struts looks in the action definition in struts.xml for a <result
> > name="loginRequired"> and doesn't find one
> > 4. Struts then looks at the global results for <result
> > name="loginRequired"> and finds a match
> > 5. It should then send a redirect to the browser specifying the
> > URL
> for
> > the "loginRequired" action
> > 6. At that point, since there is no action class assigned, the
> > "/expiredSession.jsp" file would be processed and returned to the
> > browser
> > (of course if this is an AJAX request, the JavaScript better be
> > expecting
> > whatever this .jsp file contains).
> >
> > but from your messages I'm assuming this is not what you're seeing.
> > You can either step through the process in the debugger and make
> > sure things are happening in that order, or (what I would probably
> > do) put log statements at each of those places (at the very least)
> > and make sure I'm seeing those events logged in the proper order.
> > Sorry, I can't be more helpful than that.
> >
> > (*Chris*)
> >
> >
> > On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
> > pbetbasoo@mesirowfinancial.com> wrote:
> >
> > > Yes, here's struts.xml with one ajax action (getClientAccounts).
> > > This action is executed when called even though the interceptor
> > > returns "loginRequired"
> > >
> > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > >
> > > <struts>
> > >
> > > <constant name="struts.devMode" value="true" />
> > >
> > > <package name="basicstruts2" extends="struts-default">
> > >
> > > <interceptors>
> > > <interceptor name="expiredSessionInterceptor"
> > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > <interceptor-stack
> name="sessionExpirationStack">
> > > <interceptor-ref
> > > name="expiredSessionInterceptor">
> > > <param
> > >
> > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLo
> > gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > </interceptor-ref>
> > > <interceptor-ref name="defaultStack"/>
> > > </interceptor-stack>
> > > </interceptors>
> > >
> > > <default-interceptor-ref name="sessionExpirationStack"
> > > />
> > >
> > > <global-results>
> > > <result type="redirectAction"
> > > name="loginRequired">loginRequired</result>
> > > </global-results>
> > >
> > > <action name="loginRequired">
> > > <result>/expiredSession.jsp</result>
> > > </action>
> > >
> > > <action name="getClientAccounts"
> > > class="mesirow.action.AccountActions"
> > method="getClientAccounts"></action>
> > > </package>
> > >
> > > </struts>
> > >
> > > -----Original Message-----
> > > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > > Sent: Saturday, January 12, 2013 3:11 PM
> > > To: Struts Users Mailing List
> > > Subject: Re: Session Expired Interceptor
> > >
> > > So you now have this in your struts.xml?
> > >
> > > <global-results>
> > > <result name="loginRequired"
> > > type="redirectAction">loginRequired</result>
> > > </global-results>
> > >
> > > (*Chris*)
> > >
> > >
> > >
> > > On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> > > pbetbasoo@mesirowfinancial.com> wrote:
> > >
> > > > I did put redirectAction action in, it's still not working. The
> > > > web page expiredSession.jsp is not being shown and there is no
> > > > indication of an error having occurred.
> > > >
> > > > When I try this, I observe that the action that initiated the
> > > > call is still being called, even though the interceptor returns
> > > > the loginRequired result.
> > > >
> > > > Any ideas?
> > > >
> > > > -----Original Message-----
> > > > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > > > Sent: Friday, January 11, 2013 9:27 PM
> > > > To: Struts Users Mailing List
> > > > Subject: RE: Session Expired Interceptor
> > > >
> > > > You are missing the redirectAction. Use something like this:
> > > >
> > > > <result name="programming"
> > > > type="redirectAction">programming</result>
> > > >
> > > > In your case it would be:
> > > >
> > > > <result name="loginRequired"
> > > > type="redirectAction">loginRequired</result>
> > > >
> > > > Regards,
> > > > Ajay Mahendru
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Dave Newton [mailto:davelnewton@gmail.com]
> > > > Sent: Friday, January 11, 2013 8:23 PM
> > > > To: Struts Users Mailing List
> > > > Subject: Re: Session Expired Interceptor
> > > >
> > > > I'm actually surprised it's not erroring out since the global
> > > > result should be a redirectAction since you're not forwarding to
> > > > a
> JSP.
> > > >
> > > > Dave
> > > >
> > > > (On mobile device, please forgive typos, bizarre autocompletes,
> > > > and
> > > > top-
> > > > quoting.)
> > > > On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > > > pbetbasoo@mesirowfinancial.com>
> > > > wrote:
> > > >
> > > > > I have written a simple interceptor to check for an expired
> session.
> > > > > Here's the code:
> > > > >
> > > > > public class ExpiredSessionInterceptor extends
> > > > > AbstractInterceptor implements Constants {
> > > > > private static final long serialVersionUID = 1L;
> > > > > private String excludeActions = "";
> > > > >
> > > > > public synchronized String intercept(ActionInvocation
> > > > > invocation) throws Exception
> > > > > {
> > > > > Map<String, Object> session =
> > > > > invocation.getInvocationContext().getSession();
> > > > > String actionName =
> > invocation.getProxy().getActionName();
> > > > > if (excludeActions.indexOf(actionName) != -1)
> > > > > return invocation.invoke();
> > > > >
> > > > > UserInfo userInfo = (UserInfo)
> > session.get(Attr_UserInfo);
> > > > > if (userInfo == null)
> > > > > {
> > > > > return "loginRequired";
> > > > > }
> > > > >
> > > > > return invocation.invoke();
> > > > > }
> > > > >
> > > > > public void setExcludeActions(String values)
> > > > > {
> > > > > excludeActions = values;
> > > > > }
> > > > > }
> > > > >
> > > > > And here's struts.xml
> > > > >
> > > > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > > > "-//Apache Software Foundation//DTD Struts Configuration
> 2.0//EN"
> > > > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > > > >
> > > > > <struts>
> > > > >
> > > > > <constant name="struts.devMode" value="true" />
> > > > >
> > > > > <package name="basicstruts2" extends="struts-default">
> > > > >
> > > > > <interceptors>
> > > > > <interceptor name="expiredSessionInterceptor"
> > > > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > > > <interceptor-stack name="sessionExpirationStack">
> > > > > <interceptor-ref
> > > > name="expiredSessionInterceptor">
> > > > > <param
> > > > >
> > > > name="excludeActions">login,logout,index,certLogin.jsp,condo,con
> > > > do Lo gi
> > > > n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > > > </interceptor-ref>
> > > > > <interceptor-ref name="defaultStack"/>
> > > > > </interceptor-stack>
> > > > > </interceptors>
> > > > >
> > > > > <default-interceptor-ref name="sessionExpirationStack"
> > > > > />
> > > > >
> > > > > <global-results>
> > > > > <result
> name="loginRequired">loginRequired</result>
> > > > > </global-results>
> > > > >
> > > > > <action name="loginRequired">
> > > > > <result>/expiredSession.jsp</result>
> > > > > </action>
> > > > >
> > > > > </package>
> > > > >
> > > > > </struts>
> > > > >
> > > > > I have traced into this code and it is correctly returning
> > > > "loginRequired"
> > > > > when the user is not logged in. The problem is, the
> > > > > expiredSession.jsp is not being shown.
> > > > >
> > > > > This app is entirely driven by ajax calls that return NONE
> > > > > from their struts action handlers.
> > > > >
> > > > > What I observe is that instead of showing the
> > > > > expiredSession.jsp, the ajax call goes through to its action
> > > > > handler (and fails). Why is the action handler for an ajax
> > > > > call being called when I am returning
> > > > "loginRequired"?
> > > > >
> > > > >
> > > > > Visit us on the Web at mesirowfinancial.com
> > > > >
> > > > > This communication may contain privileged and/or confidential
> > > > information.
> > > > > It is intended solely for the use of the addressee. If you are
> > > > > not the intended recipient, you are strictly prohibited from
> > > > > disclosing, copying, distributing or using any of this
> > > > > information. If you received this communication in error,
> > > > > please contact the sender immediately and destroy the material
> > > > > in its entirety, whether electronic
> > > > or hard copy.
> > > > > Confidential, proprietary or time-sensitive communications
> > > > > should not be transmitted via the Internet, as there can be no
> > > > > assurance of actual or timely delivery, receipt and/or
> > > > > confidentiality. This is not an offer, or solicitation of any
> > > > > offer to buy or sell any security, investment or other product.
> > > > >
> > > >
> > > > ----------------------------------------------------------------
> > > > --
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > > Visit us on the Web at mesirowfinancial.com
> > > >
> > > > This communication may contain privileged and/or confidential
> > > information.
> > > > It is intended solely for the use of the addressee. If you are
> > > > not the intended recipient, you are strictly prohibited from
> > > > disclosing, copying, distributing or using any of this
> > > > information. If you received this communication in error, please
> > > > contact the sender immediately and destroy the material in its
> > > > entirety, whether electronic
> > > or hard copy.
> > > > Confidential, proprietary or time-sensitive communications
> > > > should not be transmitted via the Internet, as there can be no
> > > > assurance of actual or timely delivery, receipt and/or
> > > > confidentiality. This is not an offer, or solicitation of any
> > > > offer to buy or sell any security, investment or other product.
> > > >
> > > >
> > > > ----------------------------------------------------------------
> > > > --
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from
> > > disclosing, copying, distributing or using any of this
> > > information. If you received this communication in error, please
> > > contact the sender immediately and destroy the material in its
> > > entirety, whether electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance
> > > of actual or timely delivery, receipt and/or confidentiality. This
> > > is not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> > >
> > > ------------------------------------------------------------------
> > > --
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not
> > the intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether
> > electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should
> > not be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is
> > not an offer, or solicitation of any offer to buy or sell any
> > security, investment or other product.
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: Session Expired Interceptor
Posted by "BetBasoo, Peter" <pb...@mesirowfinancial.com>.
Is there any way to cancel the ajax call and redirect to the expiredSession.jsp?
-----Original Message-----
From: Dave Newton [mailto:davelnewton@gmail.com]
Sent: Sunday, January 13, 2013 1:25 PM
To: Struts Users Mailing List
Subject: RE: Session Expired Interceptor
It's an ajax call-the results will be returned to the JavaScript that called it.
You need to handle the redirect on the client side.
Dave
On Jan 13, 2013 2:21 PM, "BetBasoo, Peter" <pb...@mesirowfinancial.com>
wrote:
> Chris:
>
> The javascript is expecting the result in XML format, not a jsp page.
>
> Isn't the interceptor supposed to redirect to expiredSession.jsp? In
> other words, isn't the ajax call that initiated this nullified because
> the interceptor returns "loginRequired"?
>
> That's the whole point of this global interceptor. If the session has
> expired, the user should be redirected to expiredSession.jsp,
> regardless of the call's origin.
>
> For example, the action I have defined below, getClientAccounts, is an
> ajax call. If the session has expired and the user clicks on the link
> that initiates this call, the user should be taken to expiredSession.jsp.
>
> Do I have to configure the result for "loginRequired" in this call? If
> so, I would have to do it for all of the ajax calls, so what would be
> the point of the global interceptor?
>
> What am I doing wrong?
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 11:27 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> Well, the action handler for step 6 hasn't been defined in struts.xml,
> so it will use the struts default action handler, which simply returns
> SUCCESS. That will trigger the JSP processor to process the
> /expiredSession.jsp and return it to the AJAX client, is that what the
> javascript handler is expecting?
> (*Chris*)
>
>
>
> On Sat, Jan 12, 2013 at 6:05 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > Chris:
> >
> > Thanks for your help. You touched on two key points.
> >
> > The login procedure is ajax driven and processing a successful login
> > (i.e., moving to the next page) is handled on the client side.
> >
> > Regarding point 6, this is in fact an ajax request. The action
> > handler returns NONE. There are no results defined for the ajax
> > action (getClientAccounts). The client side (javascript) handler for
> > this request does not process loginRequired because I thought that
> > it would never get to that point because of the interceptor. Is this
> > a valid
> assumption?
> >
> > -----Original Message-----
> > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > Sent: Saturday, January 12, 2013 4:19 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > That looks right to me (except for the fact that if the user logs in
> > there are no results for getClientAccounts).
> >
> >
> > 1. What should be happening is that Struts runs the interceptor stack,
> > finding your expiredSessionInterceptor first
> > 2. When it runs it, it finds that the user is not logged in and
> returns
> > "loginRequired"
> > 3. Struts looks in the action definition in struts.xml for a <result
> > name="loginRequired"> and doesn't find one
> > 4. Struts then looks at the global results for <result
> > name="loginRequired"> and finds a match
> > 5. It should then send a redirect to the browser specifying the
> > URL
> for
> > the "loginRequired" action
> > 6. At that point, since there is no action class assigned, the
> > "/expiredSession.jsp" file would be processed and returned to the
> > browser
> > (of course if this is an AJAX request, the JavaScript better be
> > expecting
> > whatever this .jsp file contains).
> >
> > but from your messages I'm assuming this is not what you're seeing.
> > You can either step through the process in the debugger and make
> > sure things are happening in that order, or (what I would probably
> > do) put log statements at each of those places (at the very least)
> > and make sure I'm seeing those events logged in the proper order.
> > Sorry, I can't be more helpful than that.
> >
> > (*Chris*)
> >
> >
> > On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
> > pbetbasoo@mesirowfinancial.com> wrote:
> >
> > > Yes, here's struts.xml with one ajax action (getClientAccounts).
> > > This action is executed when called even though the interceptor
> > > returns "loginRequired"
> > >
> > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > >
> > > <struts>
> > >
> > > <constant name="struts.devMode" value="true" />
> > >
> > > <package name="basicstruts2" extends="struts-default">
> > >
> > > <interceptors>
> > > <interceptor name="expiredSessionInterceptor"
> > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > <interceptor-stack
> name="sessionExpirationStack">
> > > <interceptor-ref
> > > name="expiredSessionInterceptor">
> > > <param
> > >
> > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLo
> > gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > </interceptor-ref>
> > > <interceptor-ref name="defaultStack"/>
> > > </interceptor-stack>
> > > </interceptors>
> > >
> > > <default-interceptor-ref name="sessionExpirationStack"
> > > />
> > >
> > > <global-results>
> > > <result type="redirectAction"
> > > name="loginRequired">loginRequired</result>
> > > </global-results>
> > >
> > > <action name="loginRequired">
> > > <result>/expiredSession.jsp</result>
> > > </action>
> > >
> > > <action name="getClientAccounts"
> > > class="mesirow.action.AccountActions"
> > method="getClientAccounts"></action>
> > > </package>
> > >
> > > </struts>
> > >
> > > -----Original Message-----
> > > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > > Sent: Saturday, January 12, 2013 3:11 PM
> > > To: Struts Users Mailing List
> > > Subject: Re: Session Expired Interceptor
> > >
> > > So you now have this in your struts.xml?
> > >
> > > <global-results>
> > > <result name="loginRequired"
> > > type="redirectAction">loginRequired</result>
> > > </global-results>
> > >
> > > (*Chris*)
> > >
> > >
> > >
> > > On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> > > pbetbasoo@mesirowfinancial.com> wrote:
> > >
> > > > I did put redirectAction action in, it's still not working. The
> > > > web page expiredSession.jsp is not being shown and there is no
> > > > indication of an error having occurred.
> > > >
> > > > When I try this, I observe that the action that initiated the
> > > > call is still being called, even though the interceptor returns
> > > > the loginRequired result.
> > > >
> > > > Any ideas?
> > > >
> > > > -----Original Message-----
> > > > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > > > Sent: Friday, January 11, 2013 9:27 PM
> > > > To: Struts Users Mailing List
> > > > Subject: RE: Session Expired Interceptor
> > > >
> > > > You are missing the redirectAction. Use something like this:
> > > >
> > > > <result name="programming"
> > > > type="redirectAction">programming</result>
> > > >
> > > > In your case it would be:
> > > >
> > > > <result name="loginRequired"
> > > > type="redirectAction">loginRequired</result>
> > > >
> > > > Regards,
> > > > Ajay Mahendru
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Dave Newton [mailto:davelnewton@gmail.com]
> > > > Sent: Friday, January 11, 2013 8:23 PM
> > > > To: Struts Users Mailing List
> > > > Subject: Re: Session Expired Interceptor
> > > >
> > > > I'm actually surprised it's not erroring out since the global
> > > > result should be a redirectAction since you're not forwarding to
> > > > a
> JSP.
> > > >
> > > > Dave
> > > >
> > > > (On mobile device, please forgive typos, bizarre autocompletes,
> > > > and
> > > > top-
> > > > quoting.)
> > > > On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > > > pbetbasoo@mesirowfinancial.com>
> > > > wrote:
> > > >
> > > > > I have written a simple interceptor to check for an expired
> session.
> > > > > Here's the code:
> > > > >
> > > > > public class ExpiredSessionInterceptor extends
> > > > > AbstractInterceptor implements Constants {
> > > > > private static final long serialVersionUID = 1L;
> > > > > private String excludeActions = "";
> > > > >
> > > > > public synchronized String intercept(ActionInvocation
> > > > > invocation) throws Exception
> > > > > {
> > > > > Map<String, Object> session =
> > > > > invocation.getInvocationContext().getSession();
> > > > > String actionName =
> > invocation.getProxy().getActionName();
> > > > > if (excludeActions.indexOf(actionName) != -1)
> > > > > return invocation.invoke();
> > > > >
> > > > > UserInfo userInfo = (UserInfo)
> > session.get(Attr_UserInfo);
> > > > > if (userInfo == null)
> > > > > {
> > > > > return "loginRequired";
> > > > > }
> > > > >
> > > > > return invocation.invoke();
> > > > > }
> > > > >
> > > > > public void setExcludeActions(String values)
> > > > > {
> > > > > excludeActions = values;
> > > > > }
> > > > > }
> > > > >
> > > > > And here's struts.xml
> > > > >
> > > > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > > > "-//Apache Software Foundation//DTD Struts Configuration
> 2.0//EN"
> > > > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > > > >
> > > > > <struts>
> > > > >
> > > > > <constant name="struts.devMode" value="true" />
> > > > >
> > > > > <package name="basicstruts2" extends="struts-default">
> > > > >
> > > > > <interceptors>
> > > > > <interceptor name="expiredSessionInterceptor"
> > > > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > > > <interceptor-stack name="sessionExpirationStack">
> > > > > <interceptor-ref
> > > > name="expiredSessionInterceptor">
> > > > > <param
> > > > >
> > > > name="excludeActions">login,logout,index,certLogin.jsp,condo,con
> > > > do Lo gi
> > > > n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > > > </interceptor-ref>
> > > > > <interceptor-ref name="defaultStack"/>
> > > > > </interceptor-stack>
> > > > > </interceptors>
> > > > >
> > > > > <default-interceptor-ref name="sessionExpirationStack"
> > > > > />
> > > > >
> > > > > <global-results>
> > > > > <result
> name="loginRequired">loginRequired</result>
> > > > > </global-results>
> > > > >
> > > > > <action name="loginRequired">
> > > > > <result>/expiredSession.jsp</result>
> > > > > </action>
> > > > >
> > > > > </package>
> > > > >
> > > > > </struts>
> > > > >
> > > > > I have traced into this code and it is correctly returning
> > > > "loginRequired"
> > > > > when the user is not logged in. The problem is, the
> > > > > expiredSession.jsp is not being shown.
> > > > >
> > > > > This app is entirely driven by ajax calls that return NONE
> > > > > from their struts action handlers.
> > > > >
> > > > > What I observe is that instead of showing the
> > > > > expiredSession.jsp, the ajax call goes through to its action
> > > > > handler (and fails). Why is the action handler for an ajax
> > > > > call being called when I am returning
> > > > "loginRequired"?
> > > > >
> > > > >
> > > > > Visit us on the Web at mesirowfinancial.com
> > > > >
> > > > > This communication may contain privileged and/or confidential
> > > > information.
> > > > > It is intended solely for the use of the addressee. If you are
> > > > > not the intended recipient, you are strictly prohibited from
> > > > > disclosing, copying, distributing or using any of this
> > > > > information. If you received this communication in error,
> > > > > please contact the sender immediately and destroy the material
> > > > > in its entirety, whether electronic
> > > > or hard copy.
> > > > > Confidential, proprietary or time-sensitive communications
> > > > > should not be transmitted via the Internet, as there can be no
> > > > > assurance of actual or timely delivery, receipt and/or
> > > > > confidentiality. This is not an offer, or solicitation of any
> > > > > offer to buy or sell any security, investment or other product.
> > > > >
> > > >
> > > > ----------------------------------------------------------------
> > > > --
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > > Visit us on the Web at mesirowfinancial.com
> > > >
> > > > This communication may contain privileged and/or confidential
> > > information.
> > > > It is intended solely for the use of the addressee. If you are
> > > > not the intended recipient, you are strictly prohibited from
> > > > disclosing, copying, distributing or using any of this
> > > > information. If you received this communication in error, please
> > > > contact the sender immediately and destroy the material in its
> > > > entirety, whether electronic
> > > or hard copy.
> > > > Confidential, proprietary or time-sensitive communications
> > > > should not be transmitted via the Internet, as there can be no
> > > > assurance of actual or timely delivery, receipt and/or
> > > > confidentiality. This is not an offer, or solicitation of any
> > > > offer to buy or sell any security, investment or other product.
> > > >
> > > >
> > > > ----------------------------------------------------------------
> > > > --
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from
> > > disclosing, copying, distributing or using any of this
> > > information. If you received this communication in error, please
> > > contact the sender immediately and destroy the material in its
> > > entirety, whether electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance
> > > of actual or timely delivery, receipt and/or confidentiality. This
> > > is not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> > >
> > > ------------------------------------------------------------------
> > > --
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not
> > the intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether
> > electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should
> > not be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is
> > not an offer, or solicitation of any offer to buy or sell any
> > security, investment or other product.
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: Session Expired Interceptor
Posted by Dave Newton <da...@gmail.com>.
It's an ajax call-the results will be returned to the JavaScript that
called it.
You need to handle the redirect on the client side.
Dave
On Jan 13, 2013 2:21 PM, "BetBasoo, Peter" <pb...@mesirowfinancial.com>
wrote:
> Chris:
>
> The javascript is expecting the result in XML format, not a jsp page.
>
> Isn't the interceptor supposed to redirect to expiredSession.jsp? In other
> words, isn't the ajax call that initiated this nullified because the
> interceptor returns "loginRequired"?
>
> That's the whole point of this global interceptor. If the session has
> expired, the user should be redirected to expiredSession.jsp, regardless of
> the call's origin.
>
> For example, the action I have defined below, getClientAccounts, is an
> ajax call. If the session has expired and the user clicks on the link that
> initiates this call, the user should be taken to expiredSession.jsp.
>
> Do I have to configure the result for "loginRequired" in this call? If so,
> I would have to do it for all of the ajax calls, so what would be the point
> of the global interceptor?
>
> What am I doing wrong?
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 11:27 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> Well, the action handler for step 6 hasn't been defined in struts.xml, so
> it will use the struts default action handler, which simply returns
> SUCCESS. That will trigger the JSP processor to process the
> /expiredSession.jsp and return it to the AJAX client, is that what the
> javascript handler is expecting?
> (*Chris*)
>
>
>
> On Sat, Jan 12, 2013 at 6:05 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > Chris:
> >
> > Thanks for your help. You touched on two key points.
> >
> > The login procedure is ajax driven and processing a successful login
> > (i.e., moving to the next page) is handled on the client side.
> >
> > Regarding point 6, this is in fact an ajax request. The action handler
> > returns NONE. There are no results defined for the ajax action
> > (getClientAccounts). The client side (javascript) handler for this
> > request does not process loginRequired because I thought that it would
> > never get to that point because of the interceptor. Is this a valid
> assumption?
> >
> > -----Original Message-----
> > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > Sent: Saturday, January 12, 2013 4:19 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > That looks right to me (except for the fact that if the user logs in
> > there are no results for getClientAccounts).
> >
> >
> > 1. What should be happening is that Struts runs the interceptor stack,
> > finding your expiredSessionInterceptor first
> > 2. When it runs it, it finds that the user is not logged in and
> returns
> > "loginRequired"
> > 3. Struts looks in the action definition in struts.xml for a <result
> > name="loginRequired"> and doesn't find one
> > 4. Struts then looks at the global results for <result
> > name="loginRequired"> and finds a match
> > 5. It should then send a redirect to the browser specifying the URL
> for
> > the "loginRequired" action
> > 6. At that point, since there is no action class assigned, the
> > "/expiredSession.jsp" file would be processed and returned to the
> > browser
> > (of course if this is an AJAX request, the JavaScript better be
> > expecting
> > whatever this .jsp file contains).
> >
> > but from your messages I'm assuming this is not what you're seeing.
> > You can either step through the process in the debugger and make sure
> > things are happening in that order, or (what I would probably do) put
> > log statements at each of those places (at the very least) and make
> > sure I'm seeing those events logged in the proper order. Sorry, I
> > can't be more helpful than that.
> >
> > (*Chris*)
> >
> >
> > On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
> > pbetbasoo@mesirowfinancial.com> wrote:
> >
> > > Yes, here's struts.xml with one ajax action (getClientAccounts).
> > > This action is executed when called even though the interceptor
> > > returns "loginRequired"
> > >
> > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > >
> > > <struts>
> > >
> > > <constant name="struts.devMode" value="true" />
> > >
> > > <package name="basicstruts2" extends="struts-default">
> > >
> > > <interceptors>
> > > <interceptor name="expiredSessionInterceptor"
> > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > <interceptor-stack
> name="sessionExpirationStack">
> > > <interceptor-ref
> > > name="expiredSessionInterceptor">
> > > <param
> > >
> > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogi
> > n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > </interceptor-ref>
> > > <interceptor-ref name="defaultStack"/>
> > > </interceptor-stack>
> > > </interceptors>
> > >
> > > <default-interceptor-ref name="sessionExpirationStack"
> > > />
> > >
> > > <global-results>
> > > <result type="redirectAction"
> > > name="loginRequired">loginRequired</result>
> > > </global-results>
> > >
> > > <action name="loginRequired">
> > > <result>/expiredSession.jsp</result>
> > > </action>
> > >
> > > <action name="getClientAccounts"
> > > class="mesirow.action.AccountActions"
> > method="getClientAccounts"></action>
> > > </package>
> > >
> > > </struts>
> > >
> > > -----Original Message-----
> > > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > > Sent: Saturday, January 12, 2013 3:11 PM
> > > To: Struts Users Mailing List
> > > Subject: Re: Session Expired Interceptor
> > >
> > > So you now have this in your struts.xml?
> > >
> > > <global-results>
> > > <result name="loginRequired"
> > > type="redirectAction">loginRequired</result>
> > > </global-results>
> > >
> > > (*Chris*)
> > >
> > >
> > >
> > > On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> > > pbetbasoo@mesirowfinancial.com> wrote:
> > >
> > > > I did put redirectAction action in, it's still not working. The
> > > > web page expiredSession.jsp is not being shown and there is no
> > > > indication of an error having occurred.
> > > >
> > > > When I try this, I observe that the action that initiated the call
> > > > is still being called, even though the interceptor returns the
> > > > loginRequired result.
> > > >
> > > > Any ideas?
> > > >
> > > > -----Original Message-----
> > > > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > > > Sent: Friday, January 11, 2013 9:27 PM
> > > > To: Struts Users Mailing List
> > > > Subject: RE: Session Expired Interceptor
> > > >
> > > > You are missing the redirectAction. Use something like this:
> > > >
> > > > <result name="programming"
> > > > type="redirectAction">programming</result>
> > > >
> > > > In your case it would be:
> > > >
> > > > <result name="loginRequired"
> > > > type="redirectAction">loginRequired</result>
> > > >
> > > > Regards,
> > > > Ajay Mahendru
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Dave Newton [mailto:davelnewton@gmail.com]
> > > > Sent: Friday, January 11, 2013 8:23 PM
> > > > To: Struts Users Mailing List
> > > > Subject: Re: Session Expired Interceptor
> > > >
> > > > I'm actually surprised it's not erroring out since the global
> > > > result should be a redirectAction since you're not forwarding to a
> JSP.
> > > >
> > > > Dave
> > > >
> > > > (On mobile device, please forgive typos, bizarre autocompletes,
> > > > and
> > > > top-
> > > > quoting.)
> > > > On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > > > pbetbasoo@mesirowfinancial.com>
> > > > wrote:
> > > >
> > > > > I have written a simple interceptor to check for an expired
> session.
> > > > > Here's the code:
> > > > >
> > > > > public class ExpiredSessionInterceptor extends
> > > > > AbstractInterceptor implements Constants {
> > > > > private static final long serialVersionUID = 1L;
> > > > > private String excludeActions = "";
> > > > >
> > > > > public synchronized String intercept(ActionInvocation
> > > > > invocation) throws Exception
> > > > > {
> > > > > Map<String, Object> session =
> > > > > invocation.getInvocationContext().getSession();
> > > > > String actionName =
> > invocation.getProxy().getActionName();
> > > > > if (excludeActions.indexOf(actionName) != -1) return
> > > > > invocation.invoke();
> > > > >
> > > > > UserInfo userInfo = (UserInfo)
> > session.get(Attr_UserInfo);
> > > > > if (userInfo == null)
> > > > > {
> > > > > return "loginRequired";
> > > > > }
> > > > >
> > > > > return invocation.invoke();
> > > > > }
> > > > >
> > > > > public void setExcludeActions(String values)
> > > > > {
> > > > > excludeActions = values;
> > > > > }
> > > > > }
> > > > >
> > > > > And here's struts.xml
> > > > >
> > > > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > > > "-//Apache Software Foundation//DTD Struts Configuration
> 2.0//EN"
> > > > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > > > >
> > > > > <struts>
> > > > >
> > > > > <constant name="struts.devMode" value="true" />
> > > > >
> > > > > <package name="basicstruts2" extends="struts-default">
> > > > >
> > > > > <interceptors>
> > > > > <interceptor name="expiredSessionInterceptor"
> > > > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > > > <interceptor-stack name="sessionExpirationStack">
> > > > > <interceptor-ref
> > > > name="expiredSessionInterceptor">
> > > > > <param
> > > > >
> > > > name="excludeActions">login,logout,index,certLogin.jsp,condo,condo
> > > > Lo gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > > > </interceptor-ref>
> > > > > <interceptor-ref name="defaultStack"/>
> > > > > </interceptor-stack>
> > > > > </interceptors>
> > > > >
> > > > > <default-interceptor-ref name="sessionExpirationStack"
> > > > > />
> > > > >
> > > > > <global-results>
> > > > > <result
> name="loginRequired">loginRequired</result>
> > > > > </global-results>
> > > > >
> > > > > <action name="loginRequired">
> > > > > <result>/expiredSession.jsp</result>
> > > > > </action>
> > > > >
> > > > > </package>
> > > > >
> > > > > </struts>
> > > > >
> > > > > I have traced into this code and it is correctly returning
> > > > "loginRequired"
> > > > > when the user is not logged in. The problem is, the
> > > > > expiredSession.jsp is not being shown.
> > > > >
> > > > > This app is entirely driven by ajax calls that return NONE from
> > > > > their struts action handlers.
> > > > >
> > > > > What I observe is that instead of showing the
> > > > > expiredSession.jsp, the ajax call goes through to its action
> > > > > handler (and fails). Why is the action handler for an ajax call
> > > > > being called when I am returning
> > > > "loginRequired"?
> > > > >
> > > > >
> > > > > Visit us on the Web at mesirowfinancial.com
> > > > >
> > > > > This communication may contain privileged and/or confidential
> > > > information.
> > > > > It is intended solely for the use of the addressee. If you are
> > > > > not the intended recipient, you are strictly prohibited from
> > > > > disclosing, copying, distributing or using any of this
> > > > > information. If you received this communication in error, please
> > > > > contact the sender immediately and destroy the material in its
> > > > > entirety, whether electronic
> > > > or hard copy.
> > > > > Confidential, proprietary or time-sensitive communications
> > > > > should not be transmitted via the Internet, as there can be no
> > > > > assurance of actual or timely delivery, receipt and/or
> > > > > confidentiality. This is not an offer, or solicitation of any
> > > > > offer to buy or sell any security, investment or other product.
> > > > >
> > > >
> > > > ------------------------------------------------------------------
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > > Visit us on the Web at mesirowfinancial.com
> > > >
> > > > This communication may contain privileged and/or confidential
> > > information.
> > > > It is intended solely for the use of the addressee. If you are not
> > > > the intended recipient, you are strictly prohibited from
> > > > disclosing, copying, distributing or using any of this
> > > > information. If you received this communication in error, please
> > > > contact the sender immediately and destroy the material in its
> > > > entirety, whether electronic
> > > or hard copy.
> > > > Confidential, proprietary or time-sensitive communications should
> > > > not be transmitted via the Internet, as there can be no assurance
> > > > of actual or timely delivery, receipt and/or confidentiality. This
> > > > is not an offer, or solicitation of any offer to buy or sell any
> > > > security, investment or other product.
> > > >
> > > >
> > > > ------------------------------------------------------------------
> > > > --
> > > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from disclosing,
> > > copying, distributing or using any of this information. If you
> > > received this communication in error, please contact the sender
> > > immediately and destroy the material in its entirety, whether
> > > electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance of
> > > actual or timely delivery, receipt and/or confidentiality. This is
> > > not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> > >
> > > --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not the
> > intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should not
> > be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is not
> > an offer, or solicitation of any offer to buy or sell any security,
> > investment or other product.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing, copying,
> distributing or using any of this information. If you received this
> communication in error, please contact the sender immediately and destroy
> the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not be
> transmitted via the Internet, as there can be no assurance of actual or
> timely delivery, receipt and/or confidentiality. This is not an offer, or
> solicitation of any offer to buy or sell any security, investment or other
> product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
RE: Session Expired Interceptor
Posted by "BetBasoo, Peter" <pb...@mesirowfinancial.com>.
Chris:
The javascript is expecting the result in XML format, not a jsp page.
Isn't the interceptor supposed to redirect to expiredSession.jsp? In other words, isn't the ajax call that initiated this nullified because the interceptor returns "loginRequired"?
That's the whole point of this global interceptor. If the session has expired, the user should be redirected to expiredSession.jsp, regardless of the call's origin.
For example, the action I have defined below, getClientAccounts, is an ajax call. If the session has expired and the user clicks on the link that initiates this call, the user should be taken to expiredSession.jsp.
Do I have to configure the result for "loginRequired" in this call? If so, I would have to do it for all of the ajax calls, so what would be the point of the global interceptor?
What am I doing wrong?
-----Original Message-----
From: Chris Pratt [mailto:thechrispratt@gmail.com]
Sent: Saturday, January 12, 2013 11:27 PM
To: Struts Users Mailing List
Subject: Re: Session Expired Interceptor
Well, the action handler for step 6 hasn't been defined in struts.xml, so it will use the struts default action handler, which simply returns SUCCESS. That will trigger the JSP processor to process the /expiredSession.jsp and return it to the AJAX client, is that what the javascript handler is expecting?
(*Chris*)
On Sat, Jan 12, 2013 at 6:05 PM, BetBasoo, Peter < pbetbasoo@mesirowfinancial.com> wrote:
> Chris:
>
> Thanks for your help. You touched on two key points.
>
> The login procedure is ajax driven and processing a successful login
> (i.e., moving to the next page) is handled on the client side.
>
> Regarding point 6, this is in fact an ajax request. The action handler
> returns NONE. There are no results defined for the ajax action
> (getClientAccounts). The client side (javascript) handler for this
> request does not process loginRequired because I thought that it would
> never get to that point because of the interceptor. Is this a valid assumption?
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 4:19 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> That looks right to me (except for the fact that if the user logs in
> there are no results for getClientAccounts).
>
>
> 1. What should be happening is that Struts runs the interceptor stack,
> finding your expiredSessionInterceptor first
> 2. When it runs it, it finds that the user is not logged in and returns
> "loginRequired"
> 3. Struts looks in the action definition in struts.xml for a <result
> name="loginRequired"> and doesn't find one
> 4. Struts then looks at the global results for <result
> name="loginRequired"> and finds a match
> 5. It should then send a redirect to the browser specifying the URL for
> the "loginRequired" action
> 6. At that point, since there is no action class assigned, the
> "/expiredSession.jsp" file would be processed and returned to the
> browser
> (of course if this is an AJAX request, the JavaScript better be
> expecting
> whatever this .jsp file contains).
>
> but from your messages I'm assuming this is not what you're seeing.
> You can either step through the process in the debugger and make sure
> things are happening in that order, or (what I would probably do) put
> log statements at each of those places (at the very least) and make
> sure I'm seeing those events logged in the proper order. Sorry, I
> can't be more helpful than that.
>
> (*Chris*)
>
>
> On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > Yes, here's struts.xml with one ajax action (getClientAccounts).
> > This action is executed when called even though the interceptor
> > returns "loginRequired"
> >
> > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > "http://struts.apache.org/dtds/struts-2.0.dtd">
> >
> > <struts>
> >
> > <constant name="struts.devMode" value="true" />
> >
> > <package name="basicstruts2" extends="struts-default">
> >
> > <interceptors>
> > <interceptor name="expiredSessionInterceptor"
> > class="mesirow.struts.ExpiredSessionInterceptor" />
> > <interceptor-stack name="sessionExpirationStack">
> > <interceptor-ref
> > name="expiredSessionInterceptor">
> > <param
> >
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogi
> n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > </interceptor-ref>
> > <interceptor-ref name="defaultStack"/>
> > </interceptor-stack>
> > </interceptors>
> >
> > <default-interceptor-ref name="sessionExpirationStack"
> > />
> >
> > <global-results>
> > <result type="redirectAction"
> > name="loginRequired">loginRequired</result>
> > </global-results>
> >
> > <action name="loginRequired">
> > <result>/expiredSession.jsp</result>
> > </action>
> >
> > <action name="getClientAccounts"
> > class="mesirow.action.AccountActions"
> method="getClientAccounts"></action>
> > </package>
> >
> > </struts>
> >
> > -----Original Message-----
> > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > Sent: Saturday, January 12, 2013 3:11 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > So you now have this in your struts.xml?
> >
> > <global-results>
> > <result name="loginRequired"
> > type="redirectAction">loginRequired</result>
> > </global-results>
> >
> > (*Chris*)
> >
> >
> >
> > On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> > pbetbasoo@mesirowfinancial.com> wrote:
> >
> > > I did put redirectAction action in, it's still not working. The
> > > web page expiredSession.jsp is not being shown and there is no
> > > indication of an error having occurred.
> > >
> > > When I try this, I observe that the action that initiated the call
> > > is still being called, even though the interceptor returns the
> > > loginRequired result.
> > >
> > > Any ideas?
> > >
> > > -----Original Message-----
> > > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > > Sent: Friday, January 11, 2013 9:27 PM
> > > To: Struts Users Mailing List
> > > Subject: RE: Session Expired Interceptor
> > >
> > > You are missing the redirectAction. Use something like this:
> > >
> > > <result name="programming"
> > > type="redirectAction">programming</result>
> > >
> > > In your case it would be:
> > >
> > > <result name="loginRequired"
> > > type="redirectAction">loginRequired</result>
> > >
> > > Regards,
> > > Ajay Mahendru
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Dave Newton [mailto:davelnewton@gmail.com]
> > > Sent: Friday, January 11, 2013 8:23 PM
> > > To: Struts Users Mailing List
> > > Subject: Re: Session Expired Interceptor
> > >
> > > I'm actually surprised it's not erroring out since the global
> > > result should be a redirectAction since you're not forwarding to a JSP.
> > >
> > > Dave
> > >
> > > (On mobile device, please forgive typos, bizarre autocompletes,
> > > and
> > > top-
> > > quoting.)
> > > On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > > pbetbasoo@mesirowfinancial.com>
> > > wrote:
> > >
> > > > I have written a simple interceptor to check for an expired session.
> > > > Here's the code:
> > > >
> > > > public class ExpiredSessionInterceptor extends
> > > > AbstractInterceptor implements Constants {
> > > > private static final long serialVersionUID = 1L;
> > > > private String excludeActions = "";
> > > >
> > > > public synchronized String intercept(ActionInvocation
> > > > invocation) throws Exception
> > > > {
> > > > Map<String, Object> session =
> > > > invocation.getInvocationContext().getSession();
> > > > String actionName =
> invocation.getProxy().getActionName();
> > > > if (excludeActions.indexOf(actionName) != -1) return
> > > > invocation.invoke();
> > > >
> > > > UserInfo userInfo = (UserInfo)
> session.get(Attr_UserInfo);
> > > > if (userInfo == null)
> > > > {
> > > > return "loginRequired";
> > > > }
> > > >
> > > > return invocation.invoke();
> > > > }
> > > >
> > > > public void setExcludeActions(String values)
> > > > {
> > > > excludeActions = values;
> > > > }
> > > > }
> > > >
> > > > And here's struts.xml
> > > >
> > > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > > >
> > > > <struts>
> > > >
> > > > <constant name="struts.devMode" value="true" />
> > > >
> > > > <package name="basicstruts2" extends="struts-default">
> > > >
> > > > <interceptors>
> > > > <interceptor name="expiredSessionInterceptor"
> > > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > > <interceptor-stack name="sessionExpirationStack">
> > > > <interceptor-ref
> > > name="expiredSessionInterceptor">
> > > > <param
> > > >
> > > name="excludeActions">login,logout,index,certLogin.jsp,condo,condo
> > > Lo gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > > </interceptor-ref>
> > > > <interceptor-ref name="defaultStack"/>
> > > > </interceptor-stack>
> > > > </interceptors>
> > > >
> > > > <default-interceptor-ref name="sessionExpirationStack"
> > > > />
> > > >
> > > > <global-results>
> > > > <result name="loginRequired">loginRequired</result>
> > > > </global-results>
> > > >
> > > > <action name="loginRequired">
> > > > <result>/expiredSession.jsp</result>
> > > > </action>
> > > >
> > > > </package>
> > > >
> > > > </struts>
> > > >
> > > > I have traced into this code and it is correctly returning
> > > "loginRequired"
> > > > when the user is not logged in. The problem is, the
> > > > expiredSession.jsp is not being shown.
> > > >
> > > > This app is entirely driven by ajax calls that return NONE from
> > > > their struts action handlers.
> > > >
> > > > What I observe is that instead of showing the
> > > > expiredSession.jsp, the ajax call goes through to its action
> > > > handler (and fails). Why is the action handler for an ajax call
> > > > being called when I am returning
> > > "loginRequired"?
> > > >
> > > >
> > > > Visit us on the Web at mesirowfinancial.com
> > > >
> > > > This communication may contain privileged and/or confidential
> > > information.
> > > > It is intended solely for the use of the addressee. If you are
> > > > not the intended recipient, you are strictly prohibited from
> > > > disclosing, copying, distributing or using any of this
> > > > information. If you received this communication in error, please
> > > > contact the sender immediately and destroy the material in its
> > > > entirety, whether electronic
> > > or hard copy.
> > > > Confidential, proprietary or time-sensitive communications
> > > > should not be transmitted via the Internet, as there can be no
> > > > assurance of actual or timely delivery, receipt and/or
> > > > confidentiality. This is not an offer, or solicitation of any
> > > > offer to buy or sell any security, investment or other product.
> > > >
> > >
> > > ------------------------------------------------------------------
> > > --
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from
> > > disclosing, copying, distributing or using any of this
> > > information. If you received this communication in error, please
> > > contact the sender immediately and destroy the material in its
> > > entirety, whether electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance
> > > of actual or timely delivery, receipt and/or confidentiality. This
> > > is not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> > >
> > > ------------------------------------------------------------------
> > > --
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not
> > the intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether
> > electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should
> > not be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is
> > not an offer, or solicitation of any offer to buy or sell any
> > security, investment or other product.
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Expired Interceptor
Posted by Chris Pratt <th...@gmail.com>.
Well, the action handler for step 6 hasn't been defined in struts.xml, so
it will use the struts default action handler, which simply returns
SUCCESS. That will trigger the JSP processor to process the
/expiredSession.jsp and return it to the AJAX client, is that what the
javascript handler is expecting?
(*Chris*)
On Sat, Jan 12, 2013 at 6:05 PM, BetBasoo, Peter <
pbetbasoo@mesirowfinancial.com> wrote:
> Chris:
>
> Thanks for your help. You touched on two key points.
>
> The login procedure is ajax driven and processing a successful login
> (i.e., moving to the next page) is handled on the client side.
>
> Regarding point 6, this is in fact an ajax request. The action handler
> returns NONE. There are no results defined for the ajax action
> (getClientAccounts). The client side (javascript) handler for this request
> does not process loginRequired because I thought that it would never get to
> that point because of the interceptor. Is this a valid assumption?
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 4:19 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> That looks right to me (except for the fact that if the user logs in there
> are no results for getClientAccounts).
>
>
> 1. What should be happening is that Struts runs the interceptor stack,
> finding your expiredSessionInterceptor first
> 2. When it runs it, it finds that the user is not logged in and returns
> "loginRequired"
> 3. Struts looks in the action definition in struts.xml for a <result
> name="loginRequired"> and doesn't find one
> 4. Struts then looks at the global results for <result
> name="loginRequired"> and finds a match
> 5. It should then send a redirect to the browser specifying the URL for
> the "loginRequired" action
> 6. At that point, since there is no action class assigned, the
> "/expiredSession.jsp" file would be processed and returned to the
> browser
> (of course if this is an AJAX request, the JavaScript better be
> expecting
> whatever this .jsp file contains).
>
> but from your messages I'm assuming this is not what you're seeing. You
> can either step through the process in the debugger and make sure things
> are happening in that order, or (what I would probably do) put log
> statements at each of those places (at the very least) and make sure I'm
> seeing those events logged in the proper order. Sorry, I can't be more
> helpful than that.
>
> (*Chris*)
>
>
> On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > Yes, here's struts.xml with one ajax action (getClientAccounts). This
> > action is executed when called even though the interceptor returns
> > "loginRequired"
> >
> > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > "http://struts.apache.org/dtds/struts-2.0.dtd">
> >
> > <struts>
> >
> > <constant name="struts.devMode" value="true" />
> >
> > <package name="basicstruts2" extends="struts-default">
> >
> > <interceptors>
> > <interceptor name="expiredSessionInterceptor"
> > class="mesirow.struts.ExpiredSessionInterceptor" />
> > <interceptor-stack name="sessionExpirationStack">
> > <interceptor-ref
> > name="expiredSessionInterceptor">
> > <param
> >
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > </interceptor-ref>
> > <interceptor-ref name="defaultStack"/>
> > </interceptor-stack>
> > </interceptors>
> >
> > <default-interceptor-ref name="sessionExpirationStack"
> > />
> >
> > <global-results>
> > <result type="redirectAction"
> > name="loginRequired">loginRequired</result>
> > </global-results>
> >
> > <action name="loginRequired">
> > <result>/expiredSession.jsp</result>
> > </action>
> >
> > <action name="getClientAccounts"
> > class="mesirow.action.AccountActions"
> method="getClientAccounts"></action>
> > </package>
> >
> > </struts>
> >
> > -----Original Message-----
> > From: Chris Pratt [mailto:thechrispratt@gmail.com]
> > Sent: Saturday, January 12, 2013 3:11 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > So you now have this in your struts.xml?
> >
> > <global-results>
> > <result name="loginRequired"
> > type="redirectAction">loginRequired</result>
> > </global-results>
> >
> > (*Chris*)
> >
> >
> >
> > On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> > pbetbasoo@mesirowfinancial.com> wrote:
> >
> > > I did put redirectAction action in, it's still not working. The web
> > > page expiredSession.jsp is not being shown and there is no
> > > indication of an error having occurred.
> > >
> > > When I try this, I observe that the action that initiated the call
> > > is still being called, even though the interceptor returns the
> > > loginRequired result.
> > >
> > > Any ideas?
> > >
> > > -----Original Message-----
> > > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > > Sent: Friday, January 11, 2013 9:27 PM
> > > To: Struts Users Mailing List
> > > Subject: RE: Session Expired Interceptor
> > >
> > > You are missing the redirectAction. Use something like this:
> > >
> > > <result name="programming"
> > > type="redirectAction">programming</result>
> > >
> > > In your case it would be:
> > >
> > > <result name="loginRequired"
> > > type="redirectAction">loginRequired</result>
> > >
> > > Regards,
> > > Ajay Mahendru
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Dave Newton [mailto:davelnewton@gmail.com]
> > > Sent: Friday, January 11, 2013 8:23 PM
> > > To: Struts Users Mailing List
> > > Subject: Re: Session Expired Interceptor
> > >
> > > I'm actually surprised it's not erroring out since the global result
> > > should be a redirectAction since you're not forwarding to a JSP.
> > >
> > > Dave
> > >
> > > (On mobile device, please forgive typos, bizarre autocompletes, and
> > > top-
> > > quoting.)
> > > On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > > pbetbasoo@mesirowfinancial.com>
> > > wrote:
> > >
> > > > I have written a simple interceptor to check for an expired session.
> > > > Here's the code:
> > > >
> > > > public class ExpiredSessionInterceptor extends AbstractInterceptor
> > > > implements Constants {
> > > > private static final long serialVersionUID = 1L;
> > > > private String excludeActions = "";
> > > >
> > > > public synchronized String intercept(ActionInvocation
> > > > invocation) throws Exception
> > > > {
> > > > Map<String, Object> session =
> > > > invocation.getInvocationContext().getSession();
> > > > String actionName =
> invocation.getProxy().getActionName();
> > > > if (excludeActions.indexOf(actionName) != -1) return
> > > > invocation.invoke();
> > > >
> > > > UserInfo userInfo = (UserInfo)
> session.get(Attr_UserInfo);
> > > > if (userInfo == null)
> > > > {
> > > > return "loginRequired";
> > > > }
> > > >
> > > > return invocation.invoke();
> > > > }
> > > >
> > > > public void setExcludeActions(String values)
> > > > {
> > > > excludeActions = values;
> > > > }
> > > > }
> > > >
> > > > And here's struts.xml
> > > >
> > > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > > >
> > > > <struts>
> > > >
> > > > <constant name="struts.devMode" value="true" />
> > > >
> > > > <package name="basicstruts2" extends="struts-default">
> > > >
> > > > <interceptors>
> > > > <interceptor name="expiredSessionInterceptor"
> > > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > > <interceptor-stack name="sessionExpirationStack">
> > > > <interceptor-ref
> > > name="expiredSessionInterceptor">
> > > > <param
> > > >
> > > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLo
> > > gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > > </interceptor-ref>
> > > > <interceptor-ref name="defaultStack"/>
> > > > </interceptor-stack>
> > > > </interceptors>
> > > >
> > > > <default-interceptor-ref name="sessionExpirationStack"
> > > > />
> > > >
> > > > <global-results>
> > > > <result name="loginRequired">loginRequired</result>
> > > > </global-results>
> > > >
> > > > <action name="loginRequired">
> > > > <result>/expiredSession.jsp</result>
> > > > </action>
> > > >
> > > > </package>
> > > >
> > > > </struts>
> > > >
> > > > I have traced into this code and it is correctly returning
> > > "loginRequired"
> > > > when the user is not logged in. The problem is, the
> > > > expiredSession.jsp is not being shown.
> > > >
> > > > This app is entirely driven by ajax calls that return NONE from
> > > > their struts action handlers.
> > > >
> > > > What I observe is that instead of showing the expiredSession.jsp,
> > > > the ajax call goes through to its action handler (and fails). Why
> > > > is the action handler for an ajax call being called when I am
> > > > returning
> > > "loginRequired"?
> > > >
> > > >
> > > > Visit us on the Web at mesirowfinancial.com
> > > >
> > > > This communication may contain privileged and/or confidential
> > > information.
> > > > It is intended solely for the use of the addressee. If you are not
> > > > the intended recipient, you are strictly prohibited from
> > > > disclosing, copying, distributing or using any of this
> > > > information. If you received this communication in error, please
> > > > contact the sender immediately and destroy the material in its
> > > > entirety, whether electronic
> > > or hard copy.
> > > > Confidential, proprietary or time-sensitive communications should
> > > > not be transmitted via the Internet, as there can be no assurance
> > > > of actual or timely delivery, receipt and/or confidentiality. This
> > > > is not an offer, or solicitation of any offer to buy or sell any
> > > > security, investment or other product.
> > > >
> > >
> > > --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from disclosing,
> > > copying, distributing or using any of this information. If you
> > > received this communication in error, please contact the sender
> > > immediately and destroy the material in its entirety, whether
> > > electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance of
> > > actual or timely delivery, receipt and/or confidentiality. This is
> > > not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> > >
> > > --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not the
> > intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should not
> > be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is not
> > an offer, or solicitation of any offer to buy or sell any security,
> > investment or other product.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing, copying,
> distributing or using any of this information. If you received this
> communication in error, please contact the sender immediately and destroy
> the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not be
> transmitted via the Internet, as there can be no assurance of actual or
> timely delivery, receipt and/or confidentiality. This is not an offer, or
> solicitation of any offer to buy or sell any security, investment or other
> product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
RE: Session Expired Interceptor
Posted by "BetBasoo, Peter" <pb...@mesirowfinancial.com>.
Chris:
Thanks for your help. You touched on two key points.
The login procedure is ajax driven and processing a successful login (i.e., moving to the next page) is handled on the client side.
Regarding point 6, this is in fact an ajax request. The action handler returns NONE. There are no results defined for the ajax action (getClientAccounts). The client side (javascript) handler for this request does not process loginRequired because I thought that it would never get to that point because of the interceptor. Is this a valid assumption?
-----Original Message-----
From: Chris Pratt [mailto:thechrispratt@gmail.com]
Sent: Saturday, January 12, 2013 4:19 PM
To: Struts Users Mailing List
Subject: Re: Session Expired Interceptor
That looks right to me (except for the fact that if the user logs in there are no results for getClientAccounts).
1. What should be happening is that Struts runs the interceptor stack,
finding your expiredSessionInterceptor first
2. When it runs it, it finds that the user is not logged in and returns
"loginRequired"
3. Struts looks in the action definition in struts.xml for a <result
name="loginRequired"> and doesn't find one
4. Struts then looks at the global results for <result
name="loginRequired"> and finds a match
5. It should then send a redirect to the browser specifying the URL for
the "loginRequired" action
6. At that point, since there is no action class assigned, the
"/expiredSession.jsp" file would be processed and returned to the browser
(of course if this is an AJAX request, the JavaScript better be expecting
whatever this .jsp file contains).
but from your messages I'm assuming this is not what you're seeing. You can either step through the process in the debugger and make sure things are happening in that order, or (what I would probably do) put log statements at each of those places (at the very least) and make sure I'm seeing those events logged in the proper order. Sorry, I can't be more helpful than that.
(*Chris*)
On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter < pbetbasoo@mesirowfinancial.com> wrote:
> Yes, here's struts.xml with one ajax action (getClientAccounts). This
> action is executed when called even though the interceptor returns
> "loginRequired"
>
> <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> "http://struts.apache.org/dtds/struts-2.0.dtd">
>
> <struts>
>
> <constant name="struts.devMode" value="true" />
>
> <package name="basicstruts2" extends="struts-default">
>
> <interceptors>
> <interceptor name="expiredSessionInterceptor"
> class="mesirow.struts.ExpiredSessionInterceptor" />
> <interceptor-stack name="sessionExpirationStack">
> <interceptor-ref
> name="expiredSessionInterceptor">
> <param
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
> </interceptor-ref>
> <interceptor-ref name="defaultStack"/>
> </interceptor-stack>
> </interceptors>
>
> <default-interceptor-ref name="sessionExpirationStack"
> />
>
> <global-results>
> <result type="redirectAction"
> name="loginRequired">loginRequired</result>
> </global-results>
>
> <action name="loginRequired">
> <result>/expiredSession.jsp</result>
> </action>
>
> <action name="getClientAccounts"
> class="mesirow.action.AccountActions" method="getClientAccounts"></action>
> </package>
>
> </struts>
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 3:11 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> So you now have this in your struts.xml?
>
> <global-results>
> <result name="loginRequired"
> type="redirectAction">loginRequired</result>
> </global-results>
>
> (*Chris*)
>
>
>
> On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > I did put redirectAction action in, it's still not working. The web
> > page expiredSession.jsp is not being shown and there is no
> > indication of an error having occurred.
> >
> > When I try this, I observe that the action that initiated the call
> > is still being called, even though the interceptor returns the
> > loginRequired result.
> >
> > Any ideas?
> >
> > -----Original Message-----
> > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > Sent: Friday, January 11, 2013 9:27 PM
> > To: Struts Users Mailing List
> > Subject: RE: Session Expired Interceptor
> >
> > You are missing the redirectAction. Use something like this:
> >
> > <result name="programming"
> > type="redirectAction">programming</result>
> >
> > In your case it would be:
> >
> > <result name="loginRequired"
> > type="redirectAction">loginRequired</result>
> >
> > Regards,
> > Ajay Mahendru
> >
> >
> >
> > -----Original Message-----
> > From: Dave Newton [mailto:davelnewton@gmail.com]
> > Sent: Friday, January 11, 2013 8:23 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > I'm actually surprised it's not erroring out since the global result
> > should be a redirectAction since you're not forwarding to a JSP.
> >
> > Dave
> >
> > (On mobile device, please forgive typos, bizarre autocompletes, and
> > top-
> > quoting.)
> > On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > pbetbasoo@mesirowfinancial.com>
> > wrote:
> >
> > > I have written a simple interceptor to check for an expired session.
> > > Here's the code:
> > >
> > > public class ExpiredSessionInterceptor extends AbstractInterceptor
> > > implements Constants {
> > > private static final long serialVersionUID = 1L;
> > > private String excludeActions = "";
> > >
> > > public synchronized String intercept(ActionInvocation
> > > invocation) throws Exception
> > > {
> > > Map<String, Object> session =
> > > invocation.getInvocationContext().getSession();
> > > String actionName = invocation.getProxy().getActionName();
> > > if (excludeActions.indexOf(actionName) != -1) return
> > > invocation.invoke();
> > >
> > > UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
> > > if (userInfo == null)
> > > {
> > > return "loginRequired";
> > > }
> > >
> > > return invocation.invoke();
> > > }
> > >
> > > public void setExcludeActions(String values)
> > > {
> > > excludeActions = values;
> > > }
> > > }
> > >
> > > And here's struts.xml
> > >
> > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > >
> > > <struts>
> > >
> > > <constant name="struts.devMode" value="true" />
> > >
> > > <package name="basicstruts2" extends="struts-default">
> > >
> > > <interceptors>
> > > <interceptor name="expiredSessionInterceptor"
> > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > <interceptor-stack name="sessionExpirationStack">
> > > <interceptor-ref
> > name="expiredSessionInterceptor">
> > > <param
> > >
> > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLo
> > gi n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > </interceptor-ref>
> > > <interceptor-ref name="defaultStack"/>
> > > </interceptor-stack>
> > > </interceptors>
> > >
> > > <default-interceptor-ref name="sessionExpirationStack"
> > > />
> > >
> > > <global-results>
> > > <result name="loginRequired">loginRequired</result>
> > > </global-results>
> > >
> > > <action name="loginRequired">
> > > <result>/expiredSession.jsp</result>
> > > </action>
> > >
> > > </package>
> > >
> > > </struts>
> > >
> > > I have traced into this code and it is correctly returning
> > "loginRequired"
> > > when the user is not logged in. The problem is, the
> > > expiredSession.jsp is not being shown.
> > >
> > > This app is entirely driven by ajax calls that return NONE from
> > > their struts action handlers.
> > >
> > > What I observe is that instead of showing the expiredSession.jsp,
> > > the ajax call goes through to its action handler (and fails). Why
> > > is the action handler for an ajax call being called when I am
> > > returning
> > "loginRequired"?
> > >
> > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from
> > > disclosing, copying, distributing or using any of this
> > > information. If you received this communication in error, please
> > > contact the sender immediately and destroy the material in its
> > > entirety, whether electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance
> > > of actual or timely delivery, receipt and/or confidentiality. This
> > > is not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not
> > the intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether
> > electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should
> > not be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is
> > not an offer, or solicitation of any offer to buy or sell any
> > security, investment or other product.
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Expired Interceptor
Posted by Chris Pratt <th...@gmail.com>.
That looks right to me (except for the fact that if the user logs in there
are no results for getClientAccounts).
1. What should be happening is that Struts runs the interceptor stack,
finding your expiredSessionInterceptor first
2. When it runs it, it finds that the user is not logged in and returns
"loginRequired"
3. Struts looks in the action definition in struts.xml for a <result
name="loginRequired"> and doesn't find one
4. Struts then looks at the global results for <result
name="loginRequired"> and finds a match
5. It should then send a redirect to the browser specifying the URL for
the "loginRequired" action
6. At that point, since there is no action class assigned, the
"/expiredSession.jsp" file would be processed and returned to the browser
(of course if this is an AJAX request, the JavaScript better be expecting
whatever this .jsp file contains).
but from your messages I'm assuming this is not what you're seeing. You
can either step through the process in the debugger and make sure things
are happening in that order, or (what I would probably do) put log
statements at each of those places (at the very least) and make sure I'm
seeing those events logged in the proper order. Sorry, I can't be more
helpful than that.
(*Chris*)
On Sat, Jan 12, 2013 at 2:04 PM, BetBasoo, Peter <
pbetbasoo@mesirowfinancial.com> wrote:
> Yes, here's struts.xml with one ajax action (getClientAccounts). This
> action is executed when called even though the interceptor returns
> "loginRequired"
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE struts PUBLIC
> "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> "http://struts.apache.org/dtds/struts-2.0.dtd">
>
> <struts>
>
> <constant name="struts.devMode" value="true" />
>
> <package name="basicstruts2" extends="struts-default">
>
> <interceptors>
> <interceptor name="expiredSessionInterceptor"
> class="mesirow.struts.ExpiredSessionInterceptor" />
> <interceptor-stack name="sessionExpirationStack">
> <interceptor-ref
> name="expiredSessionInterceptor">
> <param
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
> </interceptor-ref>
> <interceptor-ref name="defaultStack"/>
> </interceptor-stack>
> </interceptors>
>
> <default-interceptor-ref name="sessionExpirationStack" />
>
> <global-results>
> <result type="redirectAction"
> name="loginRequired">loginRequired</result>
> </global-results>
>
> <action name="loginRequired">
> <result>/expiredSession.jsp</result>
> </action>
>
> <action name="getClientAccounts"
> class="mesirow.action.AccountActions" method="getClientAccounts"></action>
> </package>
>
> </struts>
>
> -----Original Message-----
> From: Chris Pratt [mailto:thechrispratt@gmail.com]
> Sent: Saturday, January 12, 2013 3:11 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> So you now have this in your struts.xml?
>
> <global-results>
> <result name="loginRequired"
> type="redirectAction">loginRequired</result>
> </global-results>
>
> (*Chris*)
>
>
>
> On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
> pbetbasoo@mesirowfinancial.com> wrote:
>
> > I did put redirectAction action in, it's still not working. The web
> > page expiredSession.jsp is not being shown and there is no indication
> > of an error having occurred.
> >
> > When I try this, I observe that the action that initiated the call is
> > still being called, even though the interceptor returns the
> > loginRequired result.
> >
> > Any ideas?
> >
> > -----Original Message-----
> > From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> > Sent: Friday, January 11, 2013 9:27 PM
> > To: Struts Users Mailing List
> > Subject: RE: Session Expired Interceptor
> >
> > You are missing the redirectAction. Use something like this:
> >
> > <result name="programming" type="redirectAction">programming</result>
> >
> > In your case it would be:
> >
> > <result name="loginRequired"
> > type="redirectAction">loginRequired</result>
> >
> > Regards,
> > Ajay Mahendru
> >
> >
> >
> > -----Original Message-----
> > From: Dave Newton [mailto:davelnewton@gmail.com]
> > Sent: Friday, January 11, 2013 8:23 PM
> > To: Struts Users Mailing List
> > Subject: Re: Session Expired Interceptor
> >
> > I'm actually surprised it's not erroring out since the global result
> > should be a redirectAction since you're not forwarding to a JSP.
> >
> > Dave
> >
> > (On mobile device, please forgive typos, bizarre autocompletes, and
> > top-
> > quoting.)
> > On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> > pbetbasoo@mesirowfinancial.com>
> > wrote:
> >
> > > I have written a simple interceptor to check for an expired session.
> > > Here's the code:
> > >
> > > public class ExpiredSessionInterceptor extends AbstractInterceptor
> > > implements Constants {
> > > private static final long serialVersionUID = 1L;
> > > private String excludeActions = "";
> > >
> > > public synchronized String intercept(ActionInvocation
> > > invocation) throws Exception
> > > {
> > > Map<String, Object> session =
> > > invocation.getInvocationContext().getSession();
> > > String actionName = invocation.getProxy().getActionName();
> > > if (excludeActions.indexOf(actionName) != -1) return
> > > invocation.invoke();
> > >
> > > UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
> > > if (userInfo == null)
> > > {
> > > return "loginRequired";
> > > }
> > >
> > > return invocation.invoke();
> > > }
> > >
> > > public void setExcludeActions(String values)
> > > {
> > > excludeActions = values;
> > > }
> > > }
> > >
> > > And here's struts.xml
> > >
> > > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > > "http://struts.apache.org/dtds/struts-2.0.dtd">
> > >
> > > <struts>
> > >
> > > <constant name="struts.devMode" value="true" />
> > >
> > > <package name="basicstruts2" extends="struts-default">
> > >
> > > <interceptors>
> > > <interceptor name="expiredSessionInterceptor"
> > > class="mesirow.struts.ExpiredSessionInterceptor" />
> > > <interceptor-stack name="sessionExpirationStack">
> > > <interceptor-ref
> > name="expiredSessionInterceptor">
> > > <param
> > >
> > name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogi
> > n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > > </interceptor-ref>
> > > <interceptor-ref name="defaultStack"/>
> > > </interceptor-stack>
> > > </interceptors>
> > >
> > > <default-interceptor-ref name="sessionExpirationStack"
> > > />
> > >
> > > <global-results>
> > > <result name="loginRequired">loginRequired</result>
> > > </global-results>
> > >
> > > <action name="loginRequired">
> > > <result>/expiredSession.jsp</result>
> > > </action>
> > >
> > > </package>
> > >
> > > </struts>
> > >
> > > I have traced into this code and it is correctly returning
> > "loginRequired"
> > > when the user is not logged in. The problem is, the
> > > expiredSession.jsp is not being shown.
> > >
> > > This app is entirely driven by ajax calls that return NONE from
> > > their struts action handlers.
> > >
> > > What I observe is that instead of showing the expiredSession.jsp,
> > > the ajax call goes through to its action handler (and fails). Why is
> > > the action handler for an ajax call being called when I am returning
> > "loginRequired"?
> > >
> > >
> > > Visit us on the Web at mesirowfinancial.com
> > >
> > > This communication may contain privileged and/or confidential
> > information.
> > > It is intended solely for the use of the addressee. If you are not
> > > the intended recipient, you are strictly prohibited from disclosing,
> > > copying, distributing or using any of this information. If you
> > > received this communication in error, please contact the sender
> > > immediately and destroy the material in its entirety, whether
> > > electronic
> > or hard copy.
> > > Confidential, proprietary or time-sensitive communications should
> > > not be transmitted via the Internet, as there can be no assurance of
> > > actual or timely delivery, receipt and/or confidentiality. This is
> > > not an offer, or solicitation of any offer to buy or sell any
> > > security, investment or other product.
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not the
> > intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should not
> > be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is not
> > an offer, or solicitation of any offer to buy or sell any security,
> > investment or other product.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing, copying,
> distributing or using any of this information. If you received this
> communication in error, please contact the sender immediately and destroy
> the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not be
> transmitted via the Internet, as there can be no assurance of actual or
> timely delivery, receipt and/or confidentiality. This is not an offer, or
> solicitation of any offer to buy or sell any security, investment or other
> product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
RE: Session Expired Interceptor
Posted by "BetBasoo, Peter" <pb...@mesirowfinancial.com>.
Yes, here's struts.xml with one ajax action (getClientAccounts). This action is executed when called even though the interceptor returns "loginRequired"
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<constant name="struts.devMode" value="true" />
<package name="basicstruts2" extends="struts-default">
<interceptors>
<interceptor name="expiredSessionInterceptor" class="mesirow.struts.ExpiredSessionInterceptor" />
<interceptor-stack name="sessionExpirationStack">
<interceptor-ref name="expiredSessionInterceptor">
<param name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
</interceptor-ref>
<interceptor-ref name="defaultStack"/>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="sessionExpirationStack" />
<global-results>
<result type="redirectAction" name="loginRequired">loginRequired</result>
</global-results>
<action name="loginRequired">
<result>/expiredSession.jsp</result>
</action>
<action name="getClientAccounts" class="mesirow.action.AccountActions" method="getClientAccounts"></action>
</package>
</struts>
-----Original Message-----
From: Chris Pratt [mailto:thechrispratt@gmail.com]
Sent: Saturday, January 12, 2013 3:11 PM
To: Struts Users Mailing List
Subject: Re: Session Expired Interceptor
So you now have this in your struts.xml?
<global-results>
<result name="loginRequired"
type="redirectAction">loginRequired</result>
</global-results>
(*Chris*)
On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter < pbetbasoo@mesirowfinancial.com> wrote:
> I did put redirectAction action in, it's still not working. The web
> page expiredSession.jsp is not being shown and there is no indication
> of an error having occurred.
>
> When I try this, I observe that the action that initiated the call is
> still being called, even though the interceptor returns the
> loginRequired result.
>
> Any ideas?
>
> -----Original Message-----
> From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> Sent: Friday, January 11, 2013 9:27 PM
> To: Struts Users Mailing List
> Subject: RE: Session Expired Interceptor
>
> You are missing the redirectAction. Use something like this:
>
> <result name="programming" type="redirectAction">programming</result>
>
> In your case it would be:
>
> <result name="loginRequired"
> type="redirectAction">loginRequired</result>
>
> Regards,
> Ajay Mahendru
>
>
>
> -----Original Message-----
> From: Dave Newton [mailto:davelnewton@gmail.com]
> Sent: Friday, January 11, 2013 8:23 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> I'm actually surprised it's not erroring out since the global result
> should be a redirectAction since you're not forwarding to a JSP.
>
> Dave
>
> (On mobile device, please forgive typos, bizarre autocompletes, and
> top-
> quoting.)
> On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> pbetbasoo@mesirowfinancial.com>
> wrote:
>
> > I have written a simple interceptor to check for an expired session.
> > Here's the code:
> >
> > public class ExpiredSessionInterceptor extends AbstractInterceptor
> > implements Constants {
> > private static final long serialVersionUID = 1L;
> > private String excludeActions = "";
> >
> > public synchronized String intercept(ActionInvocation
> > invocation) throws Exception
> > {
> > Map<String, Object> session =
> > invocation.getInvocationContext().getSession();
> > String actionName = invocation.getProxy().getActionName();
> > if (excludeActions.indexOf(actionName) != -1) return
> > invocation.invoke();
> >
> > UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
> > if (userInfo == null)
> > {
> > return "loginRequired";
> > }
> >
> > return invocation.invoke();
> > }
> >
> > public void setExcludeActions(String values)
> > {
> > excludeActions = values;
> > }
> > }
> >
> > And here's struts.xml
> >
> > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > "http://struts.apache.org/dtds/struts-2.0.dtd">
> >
> > <struts>
> >
> > <constant name="struts.devMode" value="true" />
> >
> > <package name="basicstruts2" extends="struts-default">
> >
> > <interceptors>
> > <interceptor name="expiredSessionInterceptor"
> > class="mesirow.struts.ExpiredSessionInterceptor" />
> > <interceptor-stack name="sessionExpirationStack">
> > <interceptor-ref
> name="expiredSessionInterceptor">
> > <param
> >
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogi
> n.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > </interceptor-ref>
> > <interceptor-ref name="defaultStack"/>
> > </interceptor-stack>
> > </interceptors>
> >
> > <default-interceptor-ref name="sessionExpirationStack"
> > />
> >
> > <global-results>
> > <result name="loginRequired">loginRequired</result>
> > </global-results>
> >
> > <action name="loginRequired">
> > <result>/expiredSession.jsp</result>
> > </action>
> >
> > </package>
> >
> > </struts>
> >
> > I have traced into this code and it is correctly returning
> "loginRequired"
> > when the user is not logged in. The problem is, the
> > expiredSession.jsp is not being shown.
> >
> > This app is entirely driven by ajax calls that return NONE from
> > their struts action handlers.
> >
> > What I observe is that instead of showing the expiredSession.jsp,
> > the ajax call goes through to its action handler (and fails). Why is
> > the action handler for an ajax call being called when I am returning
> "loginRequired"?
> >
> >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not
> > the intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether
> > electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should
> > not be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is
> > not an offer, or solicitation of any offer to buy or sell any
> > security, investment or other product.
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Expired Interceptor
Posted by Chris Pratt <th...@gmail.com>.
So you now have this in your struts.xml?
<global-results>
<result name="loginRequired"
type="redirectAction">loginRequired</result>
</global-results>
(*Chris*)
On Sat, Jan 12, 2013 at 12:06 PM, BetBasoo, Peter <
pbetbasoo@mesirowfinancial.com> wrote:
> I did put redirectAction action in, it's still not working. The web page
> expiredSession.jsp is not being shown and there is no indication of an
> error having occurred.
>
> When I try this, I observe that the action that initiated the call is
> still being called, even though the interceptor returns the loginRequired
> result.
>
> Any ideas?
>
> -----Original Message-----
> From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
> Sent: Friday, January 11, 2013 9:27 PM
> To: Struts Users Mailing List
> Subject: RE: Session Expired Interceptor
>
> You are missing the redirectAction. Use something like this:
>
> <result name="programming" type="redirectAction">programming</result>
>
> In your case it would be:
>
> <result name="loginRequired" type="redirectAction">loginRequired</result>
>
> Regards,
> Ajay Mahendru
>
>
>
> -----Original Message-----
> From: Dave Newton [mailto:davelnewton@gmail.com]
> Sent: Friday, January 11, 2013 8:23 PM
> To: Struts Users Mailing List
> Subject: Re: Session Expired Interceptor
>
> I'm actually surprised it's not erroring out since the global result
> should be a redirectAction since you're not forwarding to a JSP.
>
> Dave
>
> (On mobile device, please forgive typos, bizarre autocompletes, and top-
> quoting.)
> On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <
> pbetbasoo@mesirowfinancial.com>
> wrote:
>
> > I have written a simple interceptor to check for an expired session.
> > Here's the code:
> >
> > public class ExpiredSessionInterceptor extends AbstractInterceptor
> > implements Constants {
> > private static final long serialVersionUID = 1L;
> > private String excludeActions = "";
> >
> > public synchronized String intercept(ActionInvocation
> > invocation) throws Exception
> > {
> > Map<String, Object> session =
> > invocation.getInvocationContext().getSession();
> > String actionName = invocation.getProxy().getActionName();
> > if (excludeActions.indexOf(actionName) != -1) return
> > invocation.invoke();
> >
> > UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
> > if (userInfo == null)
> > {
> > return "loginRequired";
> > }
> >
> > return invocation.invoke();
> > }
> >
> > public void setExcludeActions(String values)
> > {
> > excludeActions = values;
> > }
> > }
> >
> > And here's struts.xml
> >
> > <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> > "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> > "http://struts.apache.org/dtds/struts-2.0.dtd">
> >
> > <struts>
> >
> > <constant name="struts.devMode" value="true" />
> >
> > <package name="basicstruts2" extends="struts-default">
> >
> > <interceptors>
> > <interceptor name="expiredSessionInterceptor"
> > class="mesirow.struts.ExpiredSessionInterceptor" />
> > <interceptor-stack name="sessionExpirationStack">
> > <interceptor-ref
> name="expiredSessionInterceptor">
> > <param
> >
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
> > </interceptor-ref>
> > <interceptor-ref name="defaultStack"/>
> > </interceptor-stack>
> > </interceptors>
> >
> > <default-interceptor-ref name="sessionExpirationStack" />
> >
> > <global-results>
> > <result name="loginRequired">loginRequired</result>
> > </global-results>
> >
> > <action name="loginRequired">
> > <result>/expiredSession.jsp</result>
> > </action>
> >
> > </package>
> >
> > </struts>
> >
> > I have traced into this code and it is correctly returning
> "loginRequired"
> > when the user is not logged in. The problem is, the expiredSession.jsp
> > is not being shown.
> >
> > This app is entirely driven by ajax calls that return NONE from their
> > struts action handlers.
> >
> > What I observe is that instead of showing the expiredSession.jsp, the
> > ajax call goes through to its action handler (and fails). Why is the
> > action handler for an ajax call being called when I am returning
> "loginRequired"?
> >
> >
> > Visit us on the Web at mesirowfinancial.com
> >
> > This communication may contain privileged and/or confidential
> information.
> > It is intended solely for the use of the addressee. If you are not the
> > intended recipient, you are strictly prohibited from disclosing,
> > copying, distributing or using any of this information. If you
> > received this communication in error, please contact the sender
> > immediately and destroy the material in its entirety, whether electronic
> or hard copy.
> > Confidential, proprietary or time-sensitive communications should not
> > be transmitted via the Internet, as there can be no assurance of
> > actual or timely delivery, receipt and/or confidentiality. This is not
> > an offer, or solicitation of any offer to buy or sell any security,
> > investment or other product.
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing, copying,
> distributing or using any of this information. If you received this
> communication in error, please contact the sender immediately and destroy
> the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not be
> transmitted via the Internet, as there can be no assurance of actual or
> timely delivery, receipt and/or confidentiality. This is not an offer, or
> solicitation of any offer to buy or sell any security, investment or other
> product.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
RE: Session Expired Interceptor
Posted by "BetBasoo, Peter" <pb...@mesirowfinancial.com>.
I did put redirectAction action in, it's still not working. The web page expiredSession.jsp is not being shown and there is no indication of an error having occurred.
When I try this, I observe that the action that initiated the call is still being called, even though the interceptor returns the loginRequired result.
Any ideas?
-----Original Message-----
From: Mahendru, Ajay [mailto:Ajay.Mahendru@dish.com]
Sent: Friday, January 11, 2013 9:27 PM
To: Struts Users Mailing List
Subject: RE: Session Expired Interceptor
You are missing the redirectAction. Use something like this:
<result name="programming" type="redirectAction">programming</result>
In your case it would be:
<result name="loginRequired" type="redirectAction">loginRequired</result>
Regards,
Ajay Mahendru
-----Original Message-----
From: Dave Newton [mailto:davelnewton@gmail.com]
Sent: Friday, January 11, 2013 8:23 PM
To: Struts Users Mailing List
Subject: Re: Session Expired Interceptor
I'm actually surprised it's not erroring out since the global result should be a redirectAction since you're not forwarding to a JSP.
Dave
(On mobile device, please forgive typos, bizarre autocompletes, and top-
quoting.)
On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <pb...@mesirowfinancial.com>
wrote:
> I have written a simple interceptor to check for an expired session.
> Here's the code:
>
> public class ExpiredSessionInterceptor extends AbstractInterceptor
> implements Constants {
> private static final long serialVersionUID = 1L;
> private String excludeActions = "";
>
> public synchronized String intercept(ActionInvocation
> invocation) throws Exception
> {
> Map<String, Object> session =
> invocation.getInvocationContext().getSession();
> String actionName = invocation.getProxy().getActionName();
> if (excludeActions.indexOf(actionName) != -1) return
> invocation.invoke();
>
> UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
> if (userInfo == null)
> {
> return "loginRequired";
> }
>
> return invocation.invoke();
> }
>
> public void setExcludeActions(String values)
> {
> excludeActions = values;
> }
> }
>
> And here's struts.xml
>
> <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC
> "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> "http://struts.apache.org/dtds/struts-2.0.dtd">
>
> <struts>
>
> <constant name="struts.devMode" value="true" />
>
> <package name="basicstruts2" extends="struts-default">
>
> <interceptors>
> <interceptor name="expiredSessionInterceptor"
> class="mesirow.struts.ExpiredSessionInterceptor" />
> <interceptor-stack name="sessionExpirationStack">
> <interceptor-ref name="expiredSessionInterceptor">
> <param
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
> </interceptor-ref>
> <interceptor-ref name="defaultStack"/>
> </interceptor-stack>
> </interceptors>
>
> <default-interceptor-ref name="sessionExpirationStack" />
>
> <global-results>
> <result name="loginRequired">loginRequired</result>
> </global-results>
>
> <action name="loginRequired">
> <result>/expiredSession.jsp</result>
> </action>
>
> </package>
>
> </struts>
>
> I have traced into this code and it is correctly returning "loginRequired"
> when the user is not logged in. The problem is, the expiredSession.jsp
> is not being shown.
>
> This app is entirely driven by ajax calls that return NONE from their
> struts action handlers.
>
> What I observe is that instead of showing the expiredSession.jsp, the
> ajax call goes through to its action handler (and fails). Why is the
> action handler for an ajax call being called when I am returning "loginRequired"?
>
>
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing,
> copying, distributing or using any of this information. If you
> received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not
> be transmitted via the Internet, as there can be no assurance of
> actual or timely delivery, receipt and/or confidentiality. This is not
> an offer, or solicitation of any offer to buy or sell any security,
> investment or other product.
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Visit us on the Web at mesirowfinancial.com
This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: Session Expired Interceptor
Posted by "Mahendru, Ajay" <Aj...@dish.com>.
You are missing the redirectAction. Use something like this:
<result name="programming" type="redirectAction">programming</result>
In your case it would be:
<result name="loginRequired" type="redirectAction">loginRequired</result>
Regards,
Ajay Mahendru
-----Original Message-----
From: Dave Newton [mailto:davelnewton@gmail.com]
Sent: Friday, January 11, 2013 8:23 PM
To: Struts Users Mailing List
Subject: Re: Session Expired Interceptor
I'm actually surprised it's not erroring out since the global result should
be a redirectAction since you're not forwarding to a JSP.
Dave
(On mobile device, please forgive typos, bizarre autocompletes, and top-
quoting.)
On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <pb...@mesirowfinancial.com>
wrote:
> I have written a simple interceptor to check for an expired session.
> Here's the code:
>
> public class ExpiredSessionInterceptor extends AbstractInterceptor
> implements Constants
> {
> private static final long serialVersionUID = 1L;
> private String excludeActions = "";
>
> public synchronized String intercept(ActionInvocation invocation)
> throws Exception
> {
> Map<String, Object> session =
> invocation.getInvocationContext().getSession();
> String actionName = invocation.getProxy().getActionName();
> if (excludeActions.indexOf(actionName) != -1) return
> invocation.invoke();
>
> UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
> if (userInfo == null)
> {
> return "loginRequired";
> }
>
> return invocation.invoke();
> }
>
> public void setExcludeActions(String values)
> {
> excludeActions = values;
> }
> }
>
> And here's struts.xml
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE struts PUBLIC
> "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> "http://struts.apache.org/dtds/struts-2.0.dtd">
>
> <struts>
>
> <constant name="struts.devMode" value="true" />
>
> <package name="basicstruts2" extends="struts-default">
>
> <interceptors>
> <interceptor name="expiredSessionInterceptor"
> class="mesirow.struts.ExpiredSessionInterceptor" />
> <interceptor-stack name="sessionExpirationStack">
> <interceptor-ref name="expiredSessionInterceptor">
> <param
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
> </interceptor-ref>
> <interceptor-ref name="defaultStack"/>
> </interceptor-stack>
> </interceptors>
>
> <default-interceptor-ref name="sessionExpirationStack" />
>
> <global-results>
> <result name="loginRequired">loginRequired</result>
> </global-results>
>
> <action name="loginRequired">
> <result>/expiredSession.jsp</result>
> </action>
>
> </package>
>
> </struts>
>
> I have traced into this code and it is correctly returning "loginRequired"
> when the user is not logged in. The problem is, the expiredSession.jsp is
> not being shown.
>
> This app is entirely driven by ajax calls that return NONE from their
> struts action handlers.
>
> What I observe is that instead of showing the expiredSession.jsp, the ajax
> call goes through to its action handler (and fails). Why is the action
> handler for an ajax call being called when I am returning "loginRequired"?
>
>
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing, copying,
> distributing or using any of this information. If you received this
> communication in error, please contact the sender immediately and destroy
> the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not be
> transmitted via the Internet, as there can be no assurance of actual or
> timely delivery, receipt and/or confidentiality. This is not an offer, or
> solicitation of any offer to buy or sell any security, investment or other
> product.
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session Expired Interceptor
Posted by Dave Newton <da...@gmail.com>.
I'm actually surprised it's not erroring out since the global result should
be a redirectAction since you're not forwarding to a JSP.
Dave
(On mobile device, please forgive typos, bizarre autocompletes, and top-
quoting.)
On Jan 11, 2013 10:17 PM, "BetBasoo, Peter" <pb...@mesirowfinancial.com>
wrote:
> I have written a simple interceptor to check for an expired session.
> Here's the code:
>
> public class ExpiredSessionInterceptor extends AbstractInterceptor
> implements Constants
> {
> private static final long serialVersionUID = 1L;
> private String excludeActions = "";
>
> public synchronized String intercept(ActionInvocation invocation)
> throws Exception
> {
> Map<String, Object> session =
> invocation.getInvocationContext().getSession();
> String actionName = invocation.getProxy().getActionName();
> if (excludeActions.indexOf(actionName) != -1) return
> invocation.invoke();
>
> UserInfo userInfo = (UserInfo) session.get(Attr_UserInfo);
> if (userInfo == null)
> {
> return "loginRequired";
> }
>
> return invocation.invoke();
> }
>
> public void setExcludeActions(String values)
> {
> excludeActions = values;
> }
> }
>
> And here's struts.xml
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE struts PUBLIC
> "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
> "http://struts.apache.org/dtds/struts-2.0.dtd">
>
> <struts>
>
> <constant name="struts.devMode" value="true" />
>
> <package name="basicstruts2" extends="struts-default">
>
> <interceptors>
> <interceptor name="expiredSessionInterceptor"
> class="mesirow.struts.ExpiredSessionInterceptor" />
> <interceptor-stack name="sessionExpirationStack">
> <interceptor-ref name="expiredSessionInterceptor">
> <param
> name="excludeActions">login,logout,index,certLogin.jsp,condo,condoLogin.jsp,sendPassword,registerCondoUser,loginRequired</param>
> </interceptor-ref>
> <interceptor-ref name="defaultStack"/>
> </interceptor-stack>
> </interceptors>
>
> <default-interceptor-ref name="sessionExpirationStack" />
>
> <global-results>
> <result name="loginRequired">loginRequired</result>
> </global-results>
>
> <action name="loginRequired">
> <result>/expiredSession.jsp</result>
> </action>
>
> </package>
>
> </struts>
>
> I have traced into this code and it is correctly returning "loginRequired"
> when the user is not logged in. The problem is, the expiredSession.jsp is
> not being shown.
>
> This app is entirely driven by ajax calls that return NONE from their
> struts action handlers.
>
> What I observe is that instead of showing the expiredSession.jsp, the ajax
> call goes through to its action handler (and fails). Why is the action
> handler for an ajax call being called when I am returning "loginRequired"?
>
>
> Visit us on the Web at mesirowfinancial.com
>
> This communication may contain privileged and/or confidential information.
> It is intended solely for the use of the addressee. If you are not the
> intended recipient, you are strictly prohibited from disclosing, copying,
> distributing or using any of this information. If you received this
> communication in error, please contact the sender immediately and destroy
> the material in its entirety, whether electronic or hard copy.
> Confidential, proprietary or time-sensitive communications should not be
> transmitted via the Internet, as there can be no assurance of actual or
> timely delivery, receipt and/or confidentiality. This is not an offer, or
> solicitation of any offer to buy or sell any security, investment or other
> product.
>