I Have some action classes that return JSON results for my Ajax call,
<action name="sampleAction" class="com.sample.SampleAction">
<interceptor-ref name="defaultSecurityStack" />
<result name="success" type="json">
<param name="noCache">true</param>
<param name="excludeNullProperties">true</param>
<param name="root">result</param>
</result>
</action>
Is it possible to prevent users from accessing that action directly when typed in the url? Thank you so much!
Related
I have the problem on struts.xml of Struts 2 web project.
I have the login page and after login, the URL will add /secure/*.action.
I tried to have two packages in struts.xml. One is normal / and second is /secure. But it will cause 404 not found page after login. If I make the second package also \ in namespace and call the membersite.action with only / namespace , it will be OK and successfully direct but with only /*.action in URL. I need to have this URL /secure/*.action in infrastructure issue. Is there any hints?
<package name="awip" namespace="/" extends="tiles-default, struts-default">
<result-types>
<result-type name="tiles" class="org.apache.struts2.views.tiles.TilesResult"/>
</result-types>
<global-results>
<result name="sessionTimeout" type="tiles">.logon.LogonForm</result>
<result name="errorRedirect" type="tiles">.errorPage</result>
</global-results>
<action name="logon" class="logonAction" method="displayLogonForm">
<result name="displayLogonForm" type="tiles">.logon.LogonForm</result>
</action>
<action name="doLogon" class="logonAction" method="doLogon">
<result name="displayLogonForm" type="tiles">.logon.LogonForm</result>
<result name="displayMainPage" type="redirectAction">
<param name="namespace">/secure</param>
<param name="actionName">membersite.action</param>
</result>
</action>
</package>
<package name="secureAwip" namespace="/secure" extends="tiles-default, struts-default">
<result-types>
<result-type name="tiles" class="org.apache.struts2.views.tiles.TilesResult"/>
</result-types>
<global-results>
<result name="sessionTimeout" type="tiles">.logon.LogonForm</result>
<result name="errorRedirect" type="tiles">.errorPage</result>
</global-results>
<action name="membersite" method="unspecified" class="membersiteAction">
<result name="displayMembersiteMain" type="tiles">.membersite.Main
</result>
</action>
</package>
The action name should not have an extension .action. If you write it with the action name the action mapper can't find the appropriate mapping for the action's result.
The code
<param name="actionName">membersite.action</param>
should be changed to
<param name="actionName">membersite</param>
It seems I should be able to have parameters in strut.xml defined PER result, and not globally, but I cannot get it to work. Here is what does work :
<action name="actThing" class="Thing" method="execute">
<interceptor-ref name="newStack" />
<param name="parentObject">Parent</param>
<result name="Edit">jspEditThing.jsp</result>
<result name="Add">jspAddThing.jsp</result>
</action>
In this case when Thing.execute gets called, the parentObject variable is set. But here :
<action name="actThing" class="Thing" method="execute">
<interceptor-ref name="newStack" />
<result name="Add">
<param name="location">jspAddThing.jsp</param>
<param name="parentObject">Parent</param>
</result>
<result name="Edit">jspEditThing.jsp</result>
</action>
it does not. Since it works in the first case I certainly have the proper settings/getters, and I don't get any kind of error. What am I missing?
Thanks.
It does not work, and it shouldn't because parameters are applied to the result, not the action. The result is executed after the action, and all parameters should be already set.
The param tag sets a property on the Result object. The most commonly-set property is location, which usually specifies the path to a web resources. The param attribute is another intelligent default.
<action name="actThing" class="Thing" method="execute">
<result name="Add">
<param name="includeProperties">Parent.*</param>
</result>
</action>
Now your Parent object with all its attributes and child objects will be available.
I'm using Java and Struts2.
In my struts.xml configure file i have blow config.
<action name="copyTestSuite" class="testSuiteAction"
method="copyTestSuite">
<result name="success">/WEB-INF/jsp/FormSuccessfulWithOutCloseWindow.jsp
</result>
</action>
After i executed action copyTestSuite, the default page will go to FormSuccessfulWithOutCloseWindow.jsp. and this page is just used to redirect to previous page.
But i want to let it go to another action matched page directly. How can i do this?
Below is another action toUpdateTestSuite i want to redirect to:
<action name="toUpdateTestSuite" class="testSuiteAction"
method="toUpdateTestSuite">
<result name="success">/WEB-INF/jsp/testsuite/updateTestSuite.jsp
</result>
</action>
You can use this <result type="redirectAction"></result>
<action name="copyTestSuite" class="testSuiteAction"
method="copyTestSuite">
<result type="redirectAction">/newAction.action</result>
</action>
You can redirect using something like:
<action name="copyTestSuite" class="testSuiteAction" method="copyTestSuite">
<result type="redirectAction">
<param name="actionName">toUpdateTestSuite</param>
</result>
</action>
vehicleinfo.js
function updateWCPolicyPresentValue(changedValue){
var url = $.url($(this).prop('href'));
var id = url.param('id');
alert(id);
if(confirm("Change will apply to all vehicles for this policy. Is it okey?")){
$.ajax({
url: '<s:url action="wcPolicyPresentVehicleInformationAction" namespace="/" />? changedValue='+changedValue+'&keepUrlRegistry=true',
cache : false,
success : alert(changedValue)
});
}else{
$.unblockScreen();
}
return false;
}
Struts-cpp.xml
<action name="*VehicleInformationAction" method="{1}" class="com.sbi.fremont.bindexpress.cpp.web.action.VehicleInformationAction">
<result name="input" type="tiles">vehicleInformationPageCpp</result>
<result name="load" type="redirectAction">inputVehicleInformationAction?id=${selectedId}&loadType=${loadType}&fleetMessage=${fleetMessage}</result>
</action>
In here, I am trying to call vehicleInformationAction java class via ajax request but it is not calling. I want to check that is there any mistake in ajax format?
Change
<result name="load" type="redirectAction">
inputVehicleInformationAction?id=${selectedId}&loadType=${loadType}&fleetMessage=${fleetMessage}
</result>
to
<result name="load" type="redirectAction">
<param name="actionName">inputVehicleInformationAction</param>
<param name="id">${selectedId}</param>
<param name="loadType">${loadType}</param>
<param name="fleetMessage">${fleetMessage}</param>
</result>
I am having an issue with the Message Store Interceptor in Struts 2. I have the following action in my struts.xml file:
<action name="rfi" method="add" class="org.test.action.RfiAction">
<interceptor-ref name="store">
<param name="operationMode">AUTOMATIC</param>
</interceptor-ref>
<interceptor-ref name="defaultStack" />
<result name="error">../display/irrt/rfi.jsp</result>
<result name="input">../display/irrt/rfi.jsp</result>
<result name="success" type="redirectAction">
<param name="actionName">rfis</param>
<param name="namespace">/irrt</param>
</result>
</action>
When the action returns successfully, it redirects to the action listed and the success message is properly saved and retrieved by the interceptor.
However, when an error occurs, there is no redirect and it goes to the listed JSP page but the error doesn't show up (all other data does). It's like the MessageStoreInterceptor wipes out the contents of the error variables when it runs so that if no redirect occurs, the current action no longer has the error message.
This happens when the interceptor is set to either STORE or AUTOMATIC mode (even though the interceptor shouldn't even run if it's in AUTOMATIC mode and the result doesn't include a redirect).
My code only ever adds errors or messages. It never deletes them. The action code is below:
private String add()
{
try
{
// add the rfi entry
this.rfiService.addRfi(this.rfiEntry, this.getLoggedInUser());
}
catch(ConnectionException e)
{
this.addActionError("Could not add RFI entry.");
e.printStackTrace();
return ERROR;
}
// set success message
this.addActionMessage("RFI entry added.");
return SUCCESS;
}
This is the code in the JSP being used to display the messages:
<s:if test="hasActionErrors() == true">
<s:iterator value="actionErrors">
<p class="text"><b><font color="red"><s:property /></font></b></p>
</s:iterator>
</s:if>
<s:elseif test="hasActionMessages() == true">
<s:iterator value="actionMessages">
<p class="text"><b><font color="green"><s:property /></font></b></p>
</s:iterator>
</s:elseif>
Any help with this issue would be greatly appreciated.
<result name="success" type="redirectAction">
<param name="actionName">rfis</param>
<param name="namespace">/irrt</param>
</result>
The redirectAction rfis should also go through the store interceptor.
<action name="rfis" class="..." method="...">
<interceptor-ref name="store">
<param name="operationMode">AUTOMATIC</param>
</interceptor-ref>
<interceptor-ref name="defaultStack" />
<result ..../>
</action>
I was missing the include on this particular page that included the errors.
Moral of the story: don't assume code that's on every single other page is on the one that's not working.