Develop Reference

struts2 tokensession not setting request in Action excludedMethod [duplicate]

This question already has an answer here:
Prevent same action called twice as long as user is in current session
(1 answer)
Closed 5 years ago.
I'm trying to avoid double-submit problems using tokenSession. My action methods are working fine without tokenSession technique.
I add <s:token/> in upsert_crypto_sources.jsp and tokenSession interceptor in struts.xml but I receive request as null in my action excludedMethod of list().
The list page doesn't need to avoid double submit problem but if I add <s:token/> in view_crypto_sources_list.jsp and remove list() from excludedMethod then I always receive result invalid.token.
My struts.xml is like:
<struts>
<package name="key-manager" namespace="/shared/km" extends="console-default" strict-method-invocation="true">
<action name="manage_cs_*" method="{1}" class="console.shared.km.ASC_ManageCryptoProfilesAction">
<interceptor-ref name="tokenSession">
<param name="excludeMethods">
list, initInsert, load, delete
</param>
</interceptor-ref>
<result name="list">/shared/km/view_crypto_sources_list.jsp</result>
<result name="insert">/shared/km/upsert_crypto_sources.jsp</result>
<result name="update">/shared/km/upsert_crypto_sources.jsp</result>
<result name="load">/shared/km/upsert_crypto_sources.jsp</result>
<allowed-methods>list, insert, load, update, delete, testConnection, forward, cancel</allowed-methods>
</action>
My action implements ServletRequestAware interface therefore it gets the request member variable set using setServletRequest() method.

I added a defaultStack interceptor and it is working fine:
<struts>
<package name="key-manager" namespace="/shared/km" extends="console-default" strict-method-invocation="true">
<action name="manage_cs_*" method="{1}" class="console.shared.km.ASC_ManageCryptoProfilesAction">
<interceptor-ref name="defaultStack"></interceptor-ref>
<interceptor-ref name="tokenSession">
<param name="excludeMethods">
list, initInsert, load, delete
</param>
</interceptor-ref>
<result name="list">/shared/km/view_crypto_sources_list.jsp</result>
<result name="insert">/shared/km/upsert_crypto_sources.jsp</result>
<result name="update">/shared/km/upsert_crypto_sources.jsp</result>
<result name="load">/shared/km/upsert_crypto_sources.jsp</result>
<allowed-methods>list, insert, load, update, delete, testConnection, forward, cancel</allowed-methods>
</action>

Attribute parameter from <action> element - equivalent in Struts 2

In Struts1 you can use the attribute parameter from element(struts-config.xml) and access it's value within the action class via the actionMapping.getParameter() method. For actions requiring multiple steps, the parameter is often used to indicate which step the mapping is associated
with.
Ex:
<action path="\something\Step1"
type="actions.SomethingAction"
parameter="step1"> ...
<action path="\something\Step2"
type="actions.SomethingAction"
parameter="step2"> ...
Which is the alternative solution for Struts2?

Parameters in the action configuration could be used instead
<package name="something" namespace="/something" extends="struts-default">
<action name="Step1" class="actions.SomethingAction">
<param name="step1" ...
</action>
<action name="Step2" class="actions.SomethingAction">
<param name="step2" ...
</action>
</package>

Cannot exclude method in struts2 interceptor

I am having the opposite problem of the fellow in this question:
Struts 2: excluding method from validation from just the defaultStack interceptor
The above question involved all methods being excluded, my issue is that no methods are being excluded!
I'm trying to get my authenticationInterceptor to ignore the showLogin method of my LoginAction:
<interceptors>
<interceptor name="authorizationInterceptor" class="org.companyname.struts.interceptor.AuthorizationInterceptor"/>
<interceptor-stack name="appDefault">
<interceptor-ref name="authorizationInterceptor"/>
<interceptor-ref name="defaultStack">
<param name="exception.logEnabled">true</param>
<param name="exception.logLevel">ERROR</param>
</interceptor-ref>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="appDefault" />
<action name="loginInitial" class="org.companyname.struts.action.LoginAction" method="showLogin">
<interceptor-ref name="appDefault">
<param name="authorizationInterceptor.excludeMethods">showLogin</param>
</interceptor-ref>
<result name="success">/login.jsp</result>
</action>
However, each time I forward to loginInitial, the interceptor grabs it, even though my showLogin method is being excluded.
I've checked for naming issues, and have tried putting several different values in the interceptor-ref within the action, and nothing seems to work.
What's the proper way to skip the authorizationInterceptor when I forward to loginIntial?

I believe my issue is the type of interceptor I'm using, the AbstractInterceptor. So, I just use different interceptor stacks on the actions I don't want intercepted:
<interceptor-stack name="appDefaultWithAuth">
<interceptor-ref name="defaultStack">
<param name="exception.logEnabled">true</param>
<param name="exception.logLevel">ERROR</param>
</interceptor-ref>
<interceptor-ref name="authorizationInterceptor"/>
</interceptor-stack>
<interceptor-stack name="appDefaultNoAuth">
<interceptor-ref name="defaultStack">
<param name="exception.logEnabled">true</param>
<param name="exception.logLevel">ERROR</param>
</interceptor-ref>
</interceptor-stack>
<default-interceptor-ref name="appDefaultWithAuth" />
<action name="loginInitial" class="org.company.struts.action.LoginAction" method="showLogin">
<interceptor-ref name="appDefaultNoAuth"/>
<result name="success">/login.jsp</result>
</action>

Reuse of redirect-action in struts.xml?

I have multiple actions that after completion redirect back to a general page (showStuff). I'm looking for a way to NOT repeat the list of parameters for every redirect-action.
What I have is this:
<action name="doThis" class="com.domain.package.MyAction" method="doThis">
<result type="redirectAction">
<param name="actionName">showStuff</param>
<param name="parse">true</param>
<param name="selectedYear">${selectedYear}</param>
<param name="selectedMonth">${selectedMonth}</param>
<param name="selectedDay">${selectedDay}</param>
</result>
</action>
<action name="doThat" class="com.domain.package.MyAction" method="doThat">
<result type="redirectAction">
<param name="actionName">showStuff</param>
<param name="parse">true</param>
<param name="selectedYear">${selectedYear}</param>
<param name="selectedMonth">${selectedMonth}</param>
<param name="selectedDay">${selectedDay}</param>
</result>
</action>
I would like to keep the parameter list within the showStuff action definition, and then use is like so:
<action name="doThis" class="com.domain.package.MyAction" method="doThis">
<result type="redirectAction">
<param name="actionName">showStuff</param>
</result>
</action>
<action name="doThat" class="com.domain.package.MyAction" method="doThat">
<result type="redirectAction">
<param name="actionName">showStuff</param>
</result>
</action>
Is it possible?

There are a few options.
Honestly, I'd skip most of my workarounds, and put them into session.
Once they're in session, create an interceptor and interface (Dateable or something). In the interceptor check the session for the variables (see below) and if the action is a Dateable, set them on the action, and you're done.
Another option is to encapsulate these variables as a date and either use the built-in converter or use your own converter. Then you'd only need a single parameter. This option would work with the interceptor idea as well.

As it turns out, it is very much possible. This is how you do it:
Add a global result:
<global-results>
<result name="show-stats" type="redirectAction">
<param name="actionName">showStats</param>
<param name="parse">true</param>
<param name="selectedYear">${selectedYear}</param>
<param name="selectedMonth">${selectedMonth}</param>
<param name="selectedDay">${selectedDay}</param>
</result>
And then for the actions:
<action name="doThis" class="com.domain.package.MyAction" method="doThis"/>
<action name="doThat" class="com.domain.package.MyAction" method="doThat"/>
Finally in the java code, just:
return "show-stats";
And you're done.
As a sidenote, why do I have to spend so much time trying to adhere to the very basic DRY principle? Aren't all these frameworks supposed to .. you know.. simplify stuff? Just wondering...

I was facing the same problem with an endless list of params getting longer and longer, repeated in several places. What I ended up doing was that I created an external file and declared it in struts.xml as an entity then included it instead of repeating all the params
This goes in the doctype tag
<!ENTITY referenceName SYSTEM "fileName">
Then you include it like so
&referenceName;

Is there a way to declare a action result?

I have this exact same line in 5 places in my struts xml -
<result name="error" type="json"><param name="root">response</param></result>
Is there a way i can declare this as some sort of custom result and include it in the 5 places i'm using it?

You dont have to use it at multiple places instead define this as global result.
<global-results>
<result name="error" type="json">
<param name="root">response</param>
</result>
</global-results>
So when your action will return error it will use this result from the global result and use it.
But if you want something like
<action name="someaction" class="somepackage.someAction">
<result name="error" type="json">ReferSomeOhterResult</result>
</action>
this is not possible, you can only chain, redirect to a different action but one result cannot refer to another result.