You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Héctor López Fernández (JIRA)" <ji...@apache.org> on 2008/08/25 14:28:25 UTC

[jira] Commented: (WW-2025) Action's can't be used for web.xml declarative security URL's

    [ https://issues.apache.org/struts/browse/WW-2025?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=44604#action_44604 ] 

Héctor López Fernández commented on WW-2025:
--------------------------------------------

It's not Struts specific, it happens with every filter in web.xml. It seems a bug in some container's mapping methods, but i'm no expert on the spec...

I'm having this issue in latest tomcat using a welcome-file. My workaround is a simple redirect servlet, but it has to be mapped for all the directory indexes i have...

You can try this little test...

[web.xml]

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">

  <display-name>test</display-name>

  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
  </welcome-file-list>

  <filter>
    <filter-name>indexredirect</filter-name>
    <filter-class>org.mytest.IndexRedirectFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>indexredirect</filter-name>
    <url-pattern>/index.html</url-pattern>
  </filter-mapping>

</web-app>


[Filter class]

package org.mytest;

public class IndexRedirectFilter implements Filter {
	public void destroy() {
	}

	public void doFilter(ServletRequest arg0, ServletResponse response,
			FilterChain arg2) throws IOException, ServletException {
		if (response instanceof HttpServletResponse) {
			((HttpServletResponse)response).sendRedirect("index.action");
		}
	}

	public void init(FilterConfig arg0) throws ServletException {
	}
}

You'll never get redirected to index.action

> Action's can't be used for web.xml declarative security URL's
> -------------------------------------------------------------
>
>                 Key: WW-2025
>                 URL: https://issues.apache.org/struts/browse/WW-2025
>             Project: Struts 2
>          Issue Type: Improvement
>          Components: Dispatch Filter
>    Affects Versions: 2.0.8
>         Environment: Tomcat 5.5.23 (also present in the most recent 6.0.13 release), Java(TM) SE Runtime Environment (build 1.6.0-b105), S2.0.8
>            Reporter: Jon Wilmoth
>             Fix For: Future
>
>
> Using an action URI for web.xml declarative security results in a 404 "The requested resource (/mywebapp/login.action) is not available message." on Tomcat (both 5.5.x & 6.x).  Representative XML configs below:
> <login-config>
>         <auth-method>FORM</auth-method>
>         <form-login-config>
>             <form-login-page>/login.action</form-login-page>
>             <form-error-page>/loginFailure.action</form-error-page>
>         </form-login-config>
>     </login-config> 
> <action name="login">
>     <result>/login.jsp</result>
> </action>
>   
> Unfortunately it looks like the S2 architectural change from a Servlet to Servlet Filters is the culprit.  After digging through the tomcat 5.5.23 (also present in the most recent 6.0.13 release) code I've come to the conclusion Struts2 actions CAN NOT be used for any of the common web.xml descriptor elements (form-login-page, form-error-page, welcome-file?, other?).  Here's a snippet of the javadoc from org.apache.catalina.core.ApplicationDispatcher's invoke method:
> * <strong>IMPLEMENTATION NOTE</strong>: This implementation assumes that no filters are applied to a forwarded or included resource, because they were already done for the original request.
> Since this worked in S1, I've opened this ticket as a BUG.  The workaround I received on the user list of doing an HTTP meta REFRESH works, but results in screen flashing (even with a refresh of 0 seconds) and a poor user experience. I'd GREATLY appreciate if one of the Struts developers had a more elegant workaround suggestion.  For example would it be feasible to port FilterDispatcher to a servlet?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.