Hi all,
This is satya i developed logging/logout application using
struts like
First i developed Logging interceptor this will authenticate and it will display success ful
jsp then if i click on logout it will redireect to login jsp but after that if i click on
back on browser again it displaying successful jsp
Anybody please help me out to how to resolve this problem
My intrceptor code like this
/**
* A Struts 2 interceptor that implements a login system.
*/
public class LoginInterceptor extends AbstractInterceptor implements StrutsStatics {
/**
*
*/
private static final long serialVersionUID = 1L;
private SecurityManager securityManager;
private static final Log log = LogFactory.getLog (LoginInterceptor.class);
private static final
String USER_HANDLE = "QUADRAN_USER_SESSSION_HANDLE";
private static final String LOGIN_ATTEMPT = "QUADRAN_LOGIN_ATTEMPT";
private static final String USERNAME = "QUADRAN_USERNAME";
private static final String PASSWORD = "QUADRAN_PASSWORD";
public void init () {
log.info ("Intializing LoginInterceptor");
}
public void destroy () {}
public String intercept (ActionInvocation invocation) throws Exception {
// Get the action context from the invocation so we can access the
// HttpServletRequest and HttpSession objects.
final ActionContext context = invocation.getInvocationContext ();
HttpServletRequest request = (HttpServletRequest) context.get(HTTP_REQUEST);
HttpSession session = request.getSession (true);
// Is there a "user" object stored in the user's HttpSession?
Object user = session.getAttribute (USER_HANDLE);
if (user == null) {
// The user has not logged in yet.
// Is the user attempting to log in right now?
String loginAttempt = request.getParameter (LOGIN_ATTEMPT);
if (! StringUtils.isBlank (loginAttempt) ) { // The user is attempting to log in.
// Process the user's login attempt.
if (processLoginAttempt (request, session) ) {
// The login succeeded send them the login-success page.
return "login-success";
} else {
// The login failed. Set an error if we can on the action.
Object action = invocation.getAction ();
if (action instanceof com.opensymphony.xwork2.ValidationAware) {
((com.opensymphony.xwork2.ValidationAware) action).addActionError ("Username or password incorrect.");
}
}
}
// Either the login attempt failed or the user hasn't tried to login yet,
// and we need to send the login form.
return "login";
} else {
return invocation.invoke ();
}
}
/**
* Attempt to process the user's login attempt delegating the work to the
* SecurityManager.
*/
public boolean processLoginAttempt (HttpServletRequest request, HttpSession session) {
// Get the username and password submitted by the user from the HttpRequest.
String username = request.getParameter (USERNAME);
String password = request.getParameter (PASSWORD);
SecurityManagerImpl s= new SecurityManagerImpl();
// Use the security manager to validate the user's username and password.
Object user = s.login (username, password);
if (user != null) {
// The user has successfully logged in. Store their user object in
// their HttpSession. Then return true.
session.setAttribute (USER_HANDLE, user);
return true;
} else {
// The user did not successfully log in. Return false.
return false;
}
}
public void setSecurityManager (SecurityManager in) {
log.debug ("Setting security manager using: " + in.toString () );
this.securityManager = in;
}
My logout action code below
session = (SessionMap<String, Object>)ActionContext.getContext().getSession();
System.out.println("removing: login "+session.get("QUADRAN_USER_SESSSION_HANDLE"));
session.remove("QUADRAN_USER_SESSSION_HANDLE");
session.clear();
session.invalidate();
//setSession(session);
System.out.println("removed - sreedevi: login "+session.get("QUADRAN_USER_SESSSION_HANDLE"));
return SUCCESS;