Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to get login page when session is expired?

 
prashan dassanayake
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When my website's session is expiring it shows an error message like below when trying to access some pages.But for other pages though the session is expired ,when trying to access them ,it prompts to the login page asking user to log again as the session is expired.So i want to eliminate error message for firstly said pages, and make it prompts to login page when they are trying to be accessed as happened in secondly said pages.i'm a beginner So please help me to do this.
This is the error being displaced.I'm using jboss server.Please tell me how to do this.

javax.servlet.ServletException: user name can not be null
org.apache.struts.action.RequestProcessor.processException(RequestProcessor.java:523)
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:421)
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)


root cause

java.lang.IllegalArgumentException: user name can not be null
com.atlinkcom.bestcarelab.dal.UserPrivilegeDAL.getUserIdByUsername(UserPrivilegeDAL.java:109)
com.atlinkcom.bestcarelab.manager.UserManager.addUserActivity(UserManager.java:657)
com.atlinkcom.bestcarelab.action.order.GetSchedulesForWelcomeAction.execute(GetSchedulesForWelcomeAction.java:50)
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter
[ November 20, 2008: Message edited by: prashan dassanayake ]
 
Satish Chilukuri
Ranch Hand
Posts: 266
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It looks like some of your servlets/jsps are handling session expiration cases and some are not. Look at the code for the pages which show the login page on session expiration and see how it is handled. Do the same for other pages.

Also, if user authentication code is duplicated in many places, it is good idea to bring it in one place, preferably in your Controller or in a Filter.
 
prashan dassanayake
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i'm a very first beginner.So can you tell me please in which kind of files these expiration handling codes are being written and where can be these files found.If you can please give me an example code
 
Amol Nayak
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How are you handling the security? Declarative or programatically that is writing code for authorization and authentication.
 
prashan dassanayake
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I said first i'm a learner.So i want to know whether these handlings should be done in java files or jsp files.And what are the commands for doing this.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Before anyone can give you meaningful help, you'll need to answer Amol's question. How have you implemented security so far?
 
prashan dassanayake
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is halfly built website from somebody.So as a learner I cant understand how the security is handled here by looking the project.I just wanted to correct that error.
 
Amol Nayak
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can you show us the web.xml of this project?
 
prashan dassanayake
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here it is.


<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>

<display-name>BCL</display-name>
<session-timeout>10</session-timeout>

<servlet>
<servlet-name>action</servlet-name>
<servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>

<welcome-file-list>
<welcome-file>/pages/index.jsp</welcome-file>
</welcome-file-list>

<taglib>
<taglib-uri>/WEB-INF/tlds/struts-layout.tld</taglib-uri>
<taglib-location>/WEB-INF/tlds/struts-layout.tld</taglib-location>
</taglib>

</web-app>
 
prashan dassanayake
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks all for replying.Bye!
 
Amol Nayak
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Looks like secutity is handled progmatically can you post the code for
getUserIdByUsername method of com.atlinkcom.bestcarelab.dal.UserPrivilegeDAL
 
in Mkumar
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
To get login page..you need to write a servlet or any controller and check for invalidate seesion ..if it is not live ..redirect to login page from controller it self, and also define this servlet with <load-on-startup> in web.xml..

hope you will get result. - Manoj
 
Amit Ghorpade
Bartender
Posts: 2854
10
Fedora Firefox Browser Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"in Mkumar " please see your private messages for an important administrative matter.
 
prashan dassanayake
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here it is Amol,


[BPSouther: Added code tags]
[ November 21, 2008: Message edited by: Ben Souther ]
 
Amol Nayak
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Now if we look at the code posted by you the the problem lies here



Which means the parameter passed to this method itself is null.
I would like you to do some analysis now,

Look at these methods addUserActivity() of
com.atlinkcom.bestcarelab.manager.UserManager
and
execute of this action
com.atlinkcom.bestcarelab.action.order.GetSchedulesForWelcomeAction

check where the user variable is instanciated and assigned a value, should be somewhere in these two methods above i reckon. Put some log messages in these two methods at meaningful places and try executing it again. Now access the pages where you are getting this exception and then those where it is directed to login page on session expiry.
Check for these things
Is this action and UserManager class coming in picture for the pages
where it is directed to login page on session expiry?

If yes, check why this username is not null in that case.

Please post back if you have any doubts or problems in doing this.
[ November 20, 2008: Message edited by: Amol Nayak ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic