Implementing Struts 2 Interceptors using Struts 1

Posted by Andriy Zakharchuk on Stack Overflow See other posts from Stack Overflow or by Andriy Zakharchuk
Published on 2010-01-05T20:37:58Z Indexed on 2010/12/24 21:54 UTC
Read the original article Hit count: 408

Filed under:
|
|
|

Hello all,

I have a legacy application written with Struts 1. The only feature I was asked to add is to protect some actions. Currently any user can do whatever he/she wants. The idea is to allows all user see the data, but block modification operation, i.e. to modify data a user should log in.

I know Struts2 has interceptors, so I could attach them to required actions and forward users to log in page when needed. But how can I do similar thing in Struts 1 application?

My first idea was to create my own abstract Action class:

public class AuthenticatedAction {
    public ActionForward execute(
        ActionMapping mapping,
        ActionForm form, 
        HttpServletRequest theRequest, 
        HttpServletResponse theResponse) {
            if (!logged) {
                // forward to log in form
            } else {
                doExecute(mapping, form, request, response);
            }
        }

public abstract ActionForward doExecute(
    ActionMapping mapping,
    ActionForm form, 
    HttpServletRequest theRequest, 
    HttpServletResponse theResponse);
}

Then change all actions that require authentication from

extends Action

to

extends AuthenticatedAction 

then add login form, login action (which performs authentications and puts this status into the session) and change JSP header tile to display authentication block, e.g., "You are (not logged in)/", Login/Logout. As I guess this should solve the problem.

  1. If this doesn't solve the problem, please explain me why.
  2. Is there any better (more elegant like interceptors are) way to do this?

Thank you in advance.

© Stack Overflow or respective owner

Related posts about login

Related posts about struts2