[Gabriel Khoa Bui]

I have a question that it seemed I have solved yet for ages. I wanna run my web site in https. According to my experience, I have 2 solutions:
1. In struts-config.xml:

<controller processorClass="org.apache.struts.action.SecureRequestProcessor" />

In this case I can’t import Struts-tiles for my project.

2. Instead of using SSL RequestProccessor, I used Struts-tiles:

<controller processorClass="deth.security.CustomRequestProcessor" maxFileSize="5M"/>

/**
 * CustomRequestProcessor.java
 */
package deth.security;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.ActionMapping;
import org.apache.struts.tiles.TilesRequestProcessor;

import deth.utilities.AuthorizationBean;
import deth.utilities.ForwardBean;

/**
 * @author deth 
 * Creation date Wednesday, May 17, 2006
 */

public class CustomRequestProcessor extends TilesRequestProcessor {
    /**
     * CustomRequestProcessor: default constructor.
     */
    public CustomRequestProcessor()    {
        // Default CustomRequestProcessor constructor.        
        //  Using both RequestProcessor and TilesRequestProcessor,
        //  it should subclass TilesRequestProcessor.
    }
    protected boolean processRoles(HttpServletRequest request, HttpServletResponse response, ActionMapping mapping)
            throws IOException, ServletException{        
        // Is this action protected by role requirements?
        String roles[] = mapping.getRoleNames();
        if ((roles == null) || (roles.length < 1)) {
            return (true);
        }
        
        //Check the current user has no role.        
        HttpSession session = request.getSession();    
        if(session.getAttribute(AuthorizationBean.USER) == null || 
                (session.getAttribute(AuthorizationBean.USER)).equals("")){
            doForwardLogin(ForwardBean.LOGIN_FORWARD, request, response);
        }
        
        //Check the current user against the list of required roles        
        List<User> list = new ArrayList<User>();
        list = (ArrayList<User>)session.getAttribute(AuthorizationBean.USER);                    
        Iterator iter = list.iterator();
        while(iter.hasNext()){
            Object obj = iter.next();
            User user = (User) obj;
            String role = user.getRole();
            for(int i = 0; i < roles.length; i++){
                if(role.trim().equals(roles[i].trim())){
                    return (true);                    
                }            
                doForwardLogin(ForwardBean.LOGIN_FORWARD, request, response);
            }
        }    
        return (false);
    }
    
    /** 
     * doForwardLogin: override the method doForward(String path, HttpServletRequest request, HttpServletResponse response)
     * of TilesRequestProcessor.
     * @param path
     * @param request
     * @param response
     * @throws IOException, ServletException
     */
    private void doForwardLogin(String path, HttpServletRequest request, 
            HttpServletResponse response) throws IOException, ServletException {
        super.doForward(path, request, response);
    }
}

The question here is how to combine the Struts-tiles and SSL together in my project. But it still remained in technical difficulties.
Please give me some sulutions.
Thanks,

[Riyad Kalla]

Moving to OT > Soft Dev

[Author]

Posts