Wednesday, July 22, 2009

12 Custom Request Processor in Struts

I assume that you know the basics of struts and you are using lower version than that of struts 2.0.

Struts is a powerful MVC framework which can be extended to do some excellent work. There may be situations where you need some regular works at every actions. Such as validating the user, checking his/her roles, log user activities etc. Struts provides a way for that. ActionServlet is the only servlet in Struts. Before redirecting to the programmer's action, ActionServlet creates an object of RequestProcessor. The RequestProcessor class in the Struts distribution provides a default implementation for each of the request-processing steps. That means you can override only the methods that interest you, and use default implementations for rest of the methods. The processPreprocess method in RequestProcessor can be overridden to do some common tasks such as

1. Validating User Session
2. Validating User Role
3. Putting Action Form's Data Into User Log Table.

You have to do two things to implement custom request processor in struts.
1. Configure struts-config.xml. You can configure this way

Be sure to put above lines after the ending of action-mappings.

2. Create a class for example MyRequestProcessor extending class RequestProcessor and override the method processPreprocess for example. You can override any other method. The processPreprocess always return true. Returning false from this method will abort request processing. For example if user is not valid for the requested action then you may return false.
Before going to details let us see the sequence of processing a request in struts. Suppose user is requesting the action UserAction.

user request----> ActionServlet--->RequestProcessor --if processPreprocess return true-->UserAction

If you are overriding processPreprocess of RequestProcessor using your MyRequestProcessor then you can control user access.

Here is the sample code for MyRequestProcessor

public class MyRequestProcessor
extends RequestProcessor {
  protected boolean processPreprocess (
      HttpServletRequest request,
      HttpServletResponse response) {
      HttpSession session = request.getSession(false);
  //If user is trying to access login page
  // then don't check
  if( request.getServletPath().equals("/loginInput.do")
      || request.getServletPath().equals("/login.do") )
      return true;
  //Check if userName attribute is there is session.
  //If so, it means user has allready logged in
  if( session != null &&
  session.getAttribute("userName") != null){
      return true;
//if user session is valid then check user requesting action is valid or not.
//you can check this from your database table or any other way. I assumed that user
//actions is saved in database.
boolean validRole = checkUserRoleFromDB(session.getAttribute("userName")
); // not implemented

if(validRole)
return true;

}
  else{
      try{
          //If no redirect user to login Page
          request.getRequestDispatcher
              ("/Login.jsp").forward(request,response);
      }catch(Exception ex){
      }
  }


  return false;
}


}

12 comments:

Ranveer Kumar said...
This comment has been removed by a blog administrator.
bhavani said...

This is really helpful

Sandip Bhoi said...

Thanks.

This information was really helpful.
Basically I was in need of pre-processing request before it accesses any action. And that pre-processing checks the role based auth, setting current page action name, setting few attributes to request. etc

satya reddy said...

thank you
can you send me about junit test case wth one example to reddy.pulicherla@gmail.com

Anonymous said...

simple...and great...

Anonymous said...

This is fantastic stuff. Very elegant way of doing it.

karthik said...

Thanks... it is really helpful

Kiran Duba said...

That's a nice article. I want to know that in struts2 can we create custom FilterDispatcher for handling ActionInvocation?

Prasana said...

Good Article

Anonymous said...

Very Goood example i didnt found this one any where.
Just post these type of useful examples.
all the best

sneha y said...

that was useful. Thank you.

I have a requirement to audit fields only before leaving a view/jsp.

Can you anyone let me know how this can be achieved.

MD Danish said...

Great.. Thank you..

 

Mohammad Abul Khaer Copyright © 2011 - |- Template created by O Pregador - |- Powered by Blogger Templates