- This topic has 1 reply, 2 voices, and was last updated 15 years, 4 months ago by
.
-
Posts
-
// DataRequestProcessor.java
/*
*
* TODO To change the template for this generated file go to
* Window – Preferences – Java – Code Style – Code Templates
*/
package data.war;import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;import org.apache.struts.Globals;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.RequestProcessor;
import org.apache.struts.config.ForwardConfig;import data.utility.DTO.UserInfo;
/**
*
*
* TODO To change the template for this generated type comment go to
* Window – Preferences – Java – Code Style – Code Templates
*/
public class DataRequestProcessor extends RequestProcessor {/** This method checks whether a user is logged in or not and also if user is logged in has requested a valid URL
* the method get executed before any processing
* @see org.apache.struts.action.RequestProcessor#processPreprocess(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
* @return boolean
* <br>true : normal processing of the user request is done
* <br>false : login required page is displayed
*/
protected boolean processPreprocess(HttpServletRequest req, HttpServletResponse res)
{
ActionErrors errors = new ActionErrors();
if(req.getServletPath().equalsIgnoreCase(“/login.do”))
return true;
else if(SessionManagement.isLoggedIn(req,errors))
return true;
try
{
ForwardConfig config = moduleConfig.findForwardConfig(“loginrequired”);
req.setAttribute(Globals.ERROR_KEY, errors);
req.getRequestDispatcher(config.getPath()).forward(req, res);
}
catch (IOException e)
{
System.err.println(“IO Exception in preprocess “+e.getMessage());
}
catch(ServletException se)
{
System.err.println(“Servlet Exception in preprocess “+se.getMessage());
}
return false;
}/* (non-Javadoc)
* @see org.apache.struts.action.RequestProcessor#processRoles(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMapping)
*/
protected boolean processRoles(HttpServletRequest req,
HttpServletResponse res, ActionMapping map) throws IOException,
ServletException {
HttpSession session = req.getSession(false);
UserInfo userInfo = (UserInfo)session.getAttribute(“userInfo”);
String[] roles=map.getRoleNames();
if(roles!=null && roles.length!=0)
for(int i=0;i<roles.length;i++)
{
if(userInfo.getUserType().equalsIgnoreCase(roles[i].trim()))
return true;
}
if(roles!=null && roles.length!=0)
{
try
{
ActionErrors errors = new ActionErrors();
System.err.println(“InValid URL”);
SessionManagement.invalidateSession(session);
errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(“error.session.invalidurl”));
ForwardConfig config = moduleConfig.findForwardConfig(“loginrequired”);
req.setAttribute(Globals.ERROR_KEY, errors);
req.getRequestDispatcher(config.getPath()).forward(req, res);
}
catch (IOException e)
{
System.err.println(“IO Exception in processRoles “+e.getMessage());
}
catch(ServletException se)
{
System.err.println(“Servlet Exception in processRoles “+se.getMessage());
}
return false;
}
return true;
}
}
// SessionManagement.java/*
* Created on Apr 13, 2009
*
* TODO To change the template for this generated file go to
* Window – Preferences – Java – Code Style – Code Templates
*/
package data.war;import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;import data.utility.DTO.UserInfo;
/**
*
*
*/
public class SessionManagement {/**
*
*/
public SessionManagement() {
super();}
/**This method is called to validate user action.
* It first checks whether a user session is available or not and then checks whether a user has requested a valid URL
* It also destroys user session if user requests am invalid url
* @param HttpServletRequest req
* @param ActionErrors errors
* @return boolean
* <br>true : if a user session is available and user has requested a valid URL
* <br>false : otherwise
*/
public static boolean validateAction(HttpServletRequest req, ActionErrors errors)
{
HttpSession session = req.getSession(false);
if(session!=null&&session.getAttribute(“userInfo”)!=null)
{
UserInfo userInfo = (UserInfo)session.getAttribute(“userInfo”);
String url = req.getServletPath()+(req.getQueryString()==null ? “” : “?”+req.getQueryString());
if(userInfo.getValidURLlist().contains(url))
{
return true;
}
else
{
System.err.println(“InValid URL”);
invalidateSession(session);
errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(“error.session.invalidurl”));
}
}
else
{
System.err.println(“login required”);
errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(“error.session.failed”));
}
return false;
}/**This method is called to terminate an user session
* it gets all the attributes from the user session and remove them and also it invalidates user session
* @param HttpSession session
*/
public static void invalidateSession(HttpSession session)
{
Enumeration allAttrib = session.getAttributeNames();
if(allAttrib!=null)
{
while(allAttrib.hasMoreElements())
{
session.removeAttribute(allAttrib.nextElement().toString());
}
}
session.invalidate();
session=null;
}
/**This method is called to checks whether a user session is available or not.
* @param HttpServletRequest req
* @param ActionErrors errors
* @return boolean
* <br>true : if a user session is available
* <br>false : otherwise
*/
public static boolean isLoggedIn(HttpServletRequest req, ActionErrors errors)
{
HttpSession session = req.getSession(false);
if(session!=null&&session.getAttribute(“userInfo”)!=null)
return true;
else
{
System.err.println(“login required”);
errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(“error.session.failed”));
}
return false;
}}
