• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

struts2: what kicks in first- the interceptors or the form's validation?

 
Ranch Hand
Posts: 755
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hey all,

what kicks in first? the interceptors or the form's validation?
logically, I would expect the validation to go first (unless I did not set it properly)







or the xml file.
 
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Annotation based Validation is accomplished by an interceptor --
specificly the "validation" interceptor which is quite close to the end of the interceptor stack. So most of the interceptors would have run first.

[Edit: actually further research indicates that both annotation and xml based validation are handled through the same interceptor, so the initial qualifier I had in my response isn't really needed, but still correct)
[ January 03, 2008: Message edited by: Eric Nielsen ]
 
Peter Primrose
Ranch Hand
Posts: 755
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
thank you Eric;

I did this:



as you can see the validation is almost at the very close to the end; however, it doesn't kick-in
 
Eric Nielsen
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Just to make sure I understand, so you've submitted a form that should fail validation, but it doesn't?

First try switching to the method/execute based validation instead of the property validation, ie something like



Since I've gotten that type of validation to work. My interceptor stack looks like:

Which seems very comparable to yours, but I'm not sure if you had the default-interceptor-reg set. (and if you do have it set make sure that your action is in the same XWork Package as the interceptor definitions.

[ January 03, 2008: Message edited by: Eric Nielsen ]

[ January 03, 2008: Message edited by: Eric Nielsen ]
[ January 03, 2008: Message edited by: Eric Nielsen ]
 
Peter Primrose
Ranch Hand
Posts: 755
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I really don't know. I tried every possible configuration (with or without the authorization interceptor) it simply doesn't invoke the validation.

mmmm....I;m reading practical apache struts2 and it says this:
"if you only use the provided validation you never need to provide a validation.xml" which is my case.

rrrrr...what do you mean by:

and if you do have it set make sure that your action is in the same XWork Package as the interceptor definitions



you mean the xml file and the interceptor class?
 
Eric Nielsen
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What I meant by that was....

Struts2 inherited from WebWork the confusing nomenclature of an "XWork Package" that is different from a Java Package. I don't think you're running into this, but it is worth checking. Here's be more or less complete setup (but I'm using the SmartURLs plugin so some stuff will be different.)



Notice near the top there is the constant for "smarturls.action.default.parent.package" set to "cib-default". This means, effectively, that all my actions are "inside" the "cib-default" "XWork Package" and thus pickup the packages default-interceptor stack.

Since it doesn't look like you're using SmartURLs, this is probably less of a problem -- unless you have multiple <package>...</package> blocks in your struts.xml file and you've configured your action in one, and your interceptors in another... XWork packages are more than "just" namespaces as some books/tutorials present them.

I remember when I was first using validation I had some problems, which sounded similar to yours. Some of the other things I remember having to play with a lot...

the @Validation() annotation above the class. I think it requires the ()'s

I think I would make the advice to try a simpler example first -- single method per action (ie try it with the dispatch action style you're currently using as then there's fewer moving parts to debug)

Finally does your LoginSupport class extend from ActionSupport. I think part of the annotation magic might require that...
 
Eric Nielsen
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Oh, one other thing... If validations fail then Struts2 will look for the "input" result, so make sure you have that configured. Ie the validation returns ActionSupport.INPUT, which equals "input" as its result...
 
Peter Primrose
Ranch Hand
Posts: 755
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Eric,

I got it (well...almost)
I used your last comment (return input) and it works!!! beautiful (you had to see the smile on my face :-) )

I did that without the authentication Interceptor 'user' (I used the 'guest'. code below); now, I tried using the 'user' but the validation doesn't seems to work. I mean, I would expect that the authentication-interceptor will not even work (get to play) because the validation is incorrect and it will return 'input'.
(I hope my assumption is right)



Eric - thank you so much!
 
Eric Nielsen
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I haven't worked with the Struts Authentication interceptor... I have my own rather simple home-grown solution. But I would definitely expect the struts authentication interceptor to fire before any validation.

Remember the interceptor isn't there to _handle_ authentication, but to ensure that the user has been authenticated. Typically you'd have a Login action, that sets a specific token on the session that the authentication interceptor checks.
 
Peter Primrose
Ranch Hand
Posts: 755
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
GOT IT!!!

You are right; I moved the authentication interceptor to the end of the stack (after the validation) and it works just as I wanted.

So, for the login page I *will not* use authentication because as you wrote, this suppose to come before validation (ie, on other functionality but login)

Case concluded thanks to you (I learned a lot!!!)
Thanks Eric

 
Eric Nielsen
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yay!

Just for comparison, here's the way I'm handling Authentication

I have my own custom interceptor:


and a login action like


So in my case, by interceptor stack always includes the Authentication Interceptor, and the interceptor is "turned off" by the presence of the custom @Unsecured annotation on an action.

I also have a very similar custom Authorization interceptor that interacts with an @AllowAccess annotation (with some parameters. Since I wanted to code a "Secure By Default" model -- ie unless you've annotated the action with @Unsecured the action will force login, unless you've annotated with @AllowsAccess(list of roles) its super-user only. And theres only the single interceptor stack to worry about so nothing can skip the interceptors by accident.
reply
    Bookmark Topic Watch Topic
  • New Topic