I am using token interceptor and fileupload interceptor in struts2.
But when I upload a file larger than the configured one fileupload returns input but instead of getting redirected to the one which is defined in result mapped to fileupload it is redirecting to the result mapped to invalid.token.
I have tried altering the sequence of interceptors but nothing worked.
<action name="something" class="something">
<interceptor-ref name="token"/>
<interceptor-ref name="fileupload"/>
<result name="invalid.token" type="redirect">someaction</result>
<result name="input" type="redirect">someaction</result>
</action>
Related
We used SSL on strut-2 project. At multiple places, we used redirection in struts.xml like below in code .
<action name="bo_act_creditNote_Save"
class="com.skilrock.lms.web.accMgmt.common.CreditNoteAtBoAction"
method="doCreditNoteBo">
<result name="success" type="redirect-action">
<param name="actionName">bo_act_creditNote_redirect</param>
</result>
</action>
<action name="bo_act_creditNote_redirect">
<result>
/com/skilrock/lms/web/accMgmt/backOffice/bo_act_creditNote_Success.jsp
</result>
</action>
due to ssl browser show some error that
http://mydomain/com/skil/lms/web/userMgmt/bo_act_creditNote_redirect.action'. This request has been blocked; the content must be served over HTTPS.
And the result page is not coming as transaction completed successfully.
To resolve this issue, we removed redirection and replace with JSP page wherever it is used.
But we want to keep redirection action.
This question already has an answer here:
Prevent same action called twice as long as user is in current session
(1 answer)
Closed 5 years ago.
I'm trying to avoid double-submit problems using tokenSession. My action methods are working fine without tokenSession technique.
I add <s:token/> in upsert_crypto_sources.jsp and tokenSession interceptor in struts.xml but I receive request as null in my action excludedMethod of list().
The list page doesn't need to avoid double submit problem but if I add <s:token/> in view_crypto_sources_list.jsp and remove list() from excludedMethod then I always receive result invalid.token.
My struts.xml is like:
<struts>
<package name="key-manager" namespace="/shared/km" extends="console-default" strict-method-invocation="true">
<action name="manage_cs_*" method="{1}" class="console.shared.km.ASC_ManageCryptoProfilesAction">
<interceptor-ref name="tokenSession">
<param name="excludeMethods">
list, initInsert, load, delete
</param>
</interceptor-ref>
<result name="list">/shared/km/view_crypto_sources_list.jsp</result>
<result name="insert">/shared/km/upsert_crypto_sources.jsp</result>
<result name="update">/shared/km/upsert_crypto_sources.jsp</result>
<result name="load">/shared/km/upsert_crypto_sources.jsp</result>
<allowed-methods>list, insert, load, update, delete, testConnection, forward, cancel</allowed-methods>
</action>
My action implements ServletRequestAware interface therefore it gets the request member variable set using setServletRequest() method.
I added a defaultStack interceptor and it is working fine:
<struts>
<package name="key-manager" namespace="/shared/km" extends="console-default" strict-method-invocation="true">
<action name="manage_cs_*" method="{1}" class="console.shared.km.ASC_ManageCryptoProfilesAction">
<interceptor-ref name="defaultStack"></interceptor-ref>
<interceptor-ref name="tokenSession">
<param name="excludeMethods">
list, initInsert, load, delete
</param>
</interceptor-ref>
<result name="list">/shared/km/view_crypto_sources_list.jsp</result>
<result name="insert">/shared/km/upsert_crypto_sources.jsp</result>
<result name="update">/shared/km/upsert_crypto_sources.jsp</result>
<result name="load">/shared/km/upsert_crypto_sources.jsp</result>
<allowed-methods>list, insert, load, update, delete, testConnection, forward, cancel</allowed-methods>
</action>
<action name="AddedPaid" class="iland.payment.SupplierPaidAction" method="insert">
<result name="success" type="redirect">ShowPaid</result>
<result name="input">/pages/payment/addToPay.jsp</result>
<result name="login">/pages/login.jsp</result>
</action>
<action name="ShowPaid" class="iland.payment.SupplierPaidAction" method="fetchAllByfk">
<result name="success">/pages/paid/showPaidDetails.jsp</result>
<result name="input">/pages/payment/ShowPay.jsp</result>
<result name="login">/pages/login.jsp</result>
</action>
Here AddedPaid Action is used to add form data in to database.
After adding data in to database I am redirecting result to ShowPaid action.
This is working properly.
Now I want whenever I redirect AddedPaid action to ShowPaid.
ShowPaid must show data of perticular supplierPaymentId for which I have added data in AddedPaid.
After redirect it is howing url
http://localhost:8082/ClothStore/ShowPaid
I want
http://localhost:8082/ClothStore/ShowPaid?supplierPaymentId=4
It's strange, usually people have 2 and want 1 :)
Btw, since you are using PostRedirectGet, you need to manually pass the parameter in Struts configuration.
Assuming you have a variable named supplierPaymentId with getter and setter, it's achievable like follows:
<action name="AddedPaid" class="iland.payment.SupplierPaidAction" method="insert">
<result name="success" type="redirectAction">
<param name="actionName">ShowPaid</param>
<param name="supplierPaymentId">${supplierPaymentId}</param>
</result>
<result name="input">/pages/payment/addToPay.jsp</result>
<result name="login">/pages/login.jsp</result>
</action>
Also use redirectAction instead of redirect, that is meant to be used to redirect to external URLs or non-Action URLs
First of all use redirectAction result instead of redirect to redirect to another action.
And use param tag to add parameters in your result configuration.
<result type="redirectAction">
<param name="actionName">ShowPaid</param>
<param name="supplierPaymentId">${supplierPaymentId}</param>
</result>
Note you need to have getter/setter for supplierPaymentId in your action class.
Im trying to make it so that once i submit this form i cannot hit the back button, but with the current configuration I cannot even get the page/form to load. I can't seem to figure out why "invalid.token" is always being triggered thus redirecting me to index.jsp no matter what I have the token tag in my form like im supposed to. If i use the "excludeMethods" filter and exclude View then my page loads but I can hit the back button freely so it still does not work properly. I have tried moving the interceptor-ref above and below my noLoginStack but it dosen't make a difference. Based on my debugging my actual java class isn't even being hit, so its failing before then. What am I doing wrong?
My action declaration:
<action name="viewAppointmentLetter" class="edu.ucr.c3.rsummer.controller.instructor.ManageAppointmentLetters">
<interceptor-ref name="noLoginStack"/>
<interceptor-ref name="token" />
<result name="invalid.token">/index.jsp</result>
<result name="error" type="redirectAction">index.do</result>
<result name="input">/instructor/assigned_appts.jsp</result>
<result name="view">/instructor/assigned_appts.jsp</result>
<result type="redirectAction">index.do</result>
</action>
My assigned_appts.jsp:
<s:form action="saveAppointmentLetter" onsubmit="return verifySubmit();">
<s:token name="token" />
.....
</s:form>
If its any clue I always get this in my console
WARN org.apache.struts2.util.TokenHelper - Could not find token name in params.
In struts2 the order of interceptor is very important. you should follow this order.
<interceptor-ref name="token"/>
<interceptor-ref name="noLoginStack"/>
USe TokenSession interceptor.Had to handle result by result name="invalid.token" in struts.xml in specific action.
The page from which your action is generated at that page you have to write <s:token> tag in the header
i have done some pages with Struts 2.(J2EE project)
All was ok until i try to add an interceptor.
It seems that the Interceptor delete all properties of my Class Action and Parameters send by the jsp with url like: action?param=xxx
here is the interceptor:
public class SessionInterceptor extends AbstractInterceptor{
#Override
public String intercept(ActionInvocation invocation) throws Exception {
return invocation.invoke();
}
here is the struts.xml:
<action name="movefc_ShowFjt" class="struts2.ShowFjtAction" method="movefc">
<interceptor-ref name="sessionInterceptor"></interceptor-ref>
<result name="input" type="dispatcher">jsp/showFjt.jsp</result>
<result name="success" type="dispatcher">jsp/showFjt.jsp</result>
</action>
in the class action,
public class ShowFjtAction extends ActionSupport {
private String param;
private Personne p;
param property never receive value from the jsp (it is ok when interceptor is off). Worse, other properties in Class action seems to be erased.
Is that an normal effect of the return invocation.invoke(); of the interceptor ?
Is there anything i can do to fix that ?
y defining your own interceptor are you causing all of the default interceptors to be discarded?
Should you perhaps be defining an interceptor stack which includes your interceptor and the default stack?
<package name="default" extends="struts-default">
<interceptors>
<interceptor name="sessionInterceptor" class="SessionInterceptor"/>
<interceptor-stack name="myStack">
<interceptor-ref name="sessionInterceptor"/>
</interceptor-stack>
</interceptors>
<action name="movefc_ShowFjt"
class="struts2.ShowFjtAction">
<interceptor-ref name="myStack"/>
<result name="input" type="dispatcher">jsp/showFjt.jsp</result>
<result name="success" type="dispatcher">jsp/showFjt.jsp</result>
</action>
The entire concept is explained as follows
1] First when user does not writes any interceptors, then interceptors defined in struts-default.xml will be used. It is defined in struts-core.jar, it is accomplished by extending the "struts-default" extended in our package xml tag.
2] When user writes his own interceptor if you add one mode code block after sessionInterceptor ref name i.e interceptor-ref name="defaultStack" will solve your problem.
Befor trying this try to unzip the struts-core.jar and move forward with your implementation.