You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by "Allen, Daniel" <Da...@kbcfp.com> on 2008/02/22 22:07:27 UTC
[s2] Validation, but not the first time
I've set up a login page for my site, and I've used the ValidationAware
interface on LoginAction in order to display errors on the login form
when the user name or password is incorrect. However, this has one
unintended result: the first time the user navigates to
"server.com/webapp/login.action", the page already displays errors for
missing fields.
Is there a way to prevent the validation from firing unless the user is
coming back to it after attempting to log in? My first thought is to
have another action defined in struts.xml, whose result would just be a
redirect to login.jsp, but it seems like there should be a solution that
doesn't introduce extra actions into the config. (In general, it's a
personal preference to keep XML files as small and simple as possible.)
Thanks,
~Dan Allen
struts.xml excerpt:
<action name="login" class="loginAction"> <!-- class is
instantiated by Spring, hence no qualified classname -->
<result name="input">/jsp/login.jsp</result>
<result
name="success">/jsp/redirect.jsp</result>
</action>
LoginAction.java
@SuppressWarnings("unchecked")
public class LoginAction extends ActionSupport implements
ValidationAware, Validateable, SessionAware {
private String userName = null;
private String password = null;
private String redirectDesintation = null;
public LoginChecker loginChecker = null;
private Map sessionAttributes = null;
@RequiredStringValidator(message="A valid user name is required
to log in.")
public void setUserName(String userName) {
this.userName = userName;
}
public String getUserName() {
return this.userName;
}
@RequiredStringValidator(message="You must enter your password
to log in.")
public void setPassword(String password) {
this.password = password;
}
public String getPassword() {
return this.password;
}
// For Spring to provide us with the appropriate implementation.
public void setLoginChecker(LoginChecker checker) {
this.loginChecker = checker;
}
@Override
public void setSession(Map sessionAttributes) {
this.sessionAttributes = sessionAttributes;
}
public String execute() {
// If we made it past the validation, then there's
really nothing else to do except
// send the user on to wherever s/he was going, via the
JSP.
// If we don't know where s/he was going, default to the
index.
if(redirectDesintation == null ||
redirectDesintation.equals(""))
redirectDesintation = "index.action";
return SUCCESS;
}
@Override
public void validate() {
User result = loginChecker.checkLogin(userName,
password);
// If log-in failed, add the action error
if(result == null) {
addActionError("The submitted user name and
password combination was invalid.");
}
// If it succeeded, set the User object in the session.
else {
sessionAttributes.put(MidasUtils.USER_IN_SESSION, result);
}
}
}
--
This message may contain confidential, proprietary, or legally privileged information. No confidentiality or privilege is waived by any transmission to an unintended recipient. If you are not an intended recipient, please notify the sender and delete this message immediately. Any views expressed in this message are those of the sender, not those of any entity within the KBC Financial Products group of companies (together referred to as "KBC FP").
This message does not create any obligation, contractual or otherwise, on the part of KBC FP. It is not an offer (or solicitation of an offer) of, or a recommendation to buy or sell, any financial product. Any prices or other values included in this message are indicative only, and do not necessarily represent current market prices, prices at which KBC FP would enter into a transaction, or prices at which similar transactions may be carried on KBC FP's own books. The information contained in this message is provided "as is", without representations or warranties, express or implied, of any kind. Past performance is not indicative of future returns.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: [s2] Validation, but not the first time
Posted by Dave Newton <ne...@yahoo.com>.
--- "Allen, Daniel" <Da...@kbcfp.com> wrote:
> <property name="loginChecker"><ref local="loginChecker"
> /></property>
>
> I guess I could manually call Spring from Java code to fill in the
> log-in checker class, but this way I can keep Spring entirely out of my
> code's [direct] dependencies [...] If there's a simpler way to tell Struts
> to use Spring on certain of an action's properties, feel free to enlighten
me.
If the Spring plugin is being used I don't think you need to do anything
except define a "loginChecker" bean and it'll be injected automagically
(autowiring by name is the default) [1]. Totally optional, though; just a
convenience.
Dave
[1] http://struts.apache.org/2.x/docs/spring-plugin.html
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: [s2] Validation, but not the first time
Posted by "Allen, Daniel" <Da...@kbcfp.com>.
Yeah, I know, my spelling is terrible in code. All I can say in my
defense is that I go back and fix it with Eclipse's refactoring tools at
the end, before anyone else at the company has to see it. That doesn't
save you poor souls on the user list who are subjected to my interim
incompetence, though.
The reason I had the action created by Spring was that it has one field
that's populated by Spring:
<beans>
<bean id="loginChecker"
class="com.kbcfp.midas.security.TokenDemoLoginChecker"
singleton="true"/>
<bean id="loginAction"
class="com.kbcfp.midas.action.LoginAction" singleton="false">
<property name="loginChecker"><ref local="loginChecker"
/></property>
</bean>
</beans>
I guess I could manually call Spring from Java code to fill in the
log-in checker class, but this way I can keep Spring entirely out of my
code's [direct] dependencies, which helps keep the Maven POM down to a
manageable size. If there's a simpler way to tell Struts to use Spring
on certain of an action's properties, feel free to enlighten me. I've
been doing Struts with Spring for a week, so I'm not set in my ways just
yet.
--[BACK ON TOPIC]--
The wildcard worked like a charm. I changed the struts.xml to the
following:
<action name="login_*" class="loginAction" method="{1}">
<result name="input">/jsp/login.jsp</result>
<result name="success">/jsp/redirect.jsp</result>
</action>
and changed the form action in the JSP to go to "login_execute", and it
didn't even require any more Java code.
Thanks!
~Dan
--- "Allen, Daniel" <Da...@kbcfp.com> wrote:
> Is there a way to prevent the validation from firing unless the user
is
> coming back to it after attempting to log in?
By default the validation interceptor won't check a set of action
methods,
including the "input" method. The easiest thing, IMO, is to create an
action
mapping for the action that specifies the method. One way to avoid
creating
an additional XML mapping is to use wildcarding.
> struts.xml excerpt:
> <action name="login" class="loginAction"> <!-- class is
> instantiated by Spring, hence no qualified classname -->
Declaring the action as a spring bean is optional, depending on how
you're
wiring things, but I'm guessing you already knew that one.
> <result name="input">/jsp/login.jsp</result>
> <result
> name="success">/jsp/redirect.jsp</result>
If everything is behind S2 then this is an un-necessary complication,
but I
don't know how your app is set up. Just FYI.
> @SuppressWarnings("unchecked")
> public class LoginAction extends ActionSupport implements
> ValidationAware, Validateable, SessionAware {
FYI, ActionSupport already implements ValidationAware and Validateable.
> private String userName = null;
"null" is the default, uninitialized value for member variables.
> if(redirectDesintation == null ||
Spelling :p
Dave
--
This message may contain confidential, proprietary, or legally privileged information. No confidentiality or privilege is waived by any transmission to an unintended recipient. If you are not an intended recipient, please notify the sender and delete this message immediately. Any views expressed in this message are those of the sender, not those of any entity within the KBC Financial Products group of companies (together referred to as "KBC FP").
This message does not create any obligation, contractual or otherwise, on the part of KBC FP. It is not an offer (or solicitation of an offer) of, or a recommendation to buy or sell, any financial product. Any prices or other values included in this message are indicative only, and do not necessarily represent current market prices, prices at which KBC FP would enter into a transaction, or prices at which similar transactions may be carried on KBC FP's own books. The information contained in this message is provided "as is", without representations or warranties, express or implied, of any kind. Past performance is not indicative of future returns.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: [s2] Validation, but not the first time
Posted by Dave Newton <ne...@yahoo.com>.
--- "Allen, Daniel" <Da...@kbcfp.com> wrote:
> Is there a way to prevent the validation from firing unless the user is
> coming back to it after attempting to log in?
By default the validation interceptor won't check a set of action methods,
including the "input" method. The easiest thing, IMO, is to create an action
mapping for the action that specifies the method. One way to avoid creating
an additional XML mapping is to use wildcarding.
> struts.xml excerpt:
> <action name="login" class="loginAction"> <!-- class is
> instantiated by Spring, hence no qualified classname -->
Declaring the action as a spring bean is optional, depending on how you're
wiring things, but I'm guessing you already knew that one.
> <result name="input">/jsp/login.jsp</result>
> <result
> name="success">/jsp/redirect.jsp</result>
If everything is behind S2 then this is an un-necessary complication, but I
don't know how your app is set up. Just FYI.
> @SuppressWarnings("unchecked")
> public class LoginAction extends ActionSupport implements
> ValidationAware, Validateable, SessionAware {
FYI, ActionSupport already implements ValidationAware and Validateable.
> private String userName = null;
"null" is the default, uninitialized value for member variables.
> if(redirectDesintation == null ||
Spelling :p
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org