Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.jfw.web.struts
Class JFWAction

java.lang.Object
  extended by org.apache.struts.action.Action
      extended by com.jfw.web.struts.JFWAction
All Implemented Interfaces:
JFWCommonAction, java.util.Observer
Direct Known Subclasses:
AdministrationAction, PrototypeProjectAction
public abstract class JFWAction
extends org.apache.struts.action.Action
implements JFWCommonAction, java.util.Observer

All project actions using Struts 1.x must extend this class.

Offer methods for implement the authentication and authorization of actions with automatically redirect to the relative jsps if user credentials is not appropriate for action execution.

Any project must have a class that implements methods
isAuthenticated(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)
and
isAuthorized(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.jfw.authentication.UserData).

This class must be extended by all others project actions who will implement only method myExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMessages, java.util.HashMap).

Example of project super class

 public abstract class PrototypeProjectAction extends com.jfw.web.struts.JFWAction
 {
   protected boolean isAuthenticated(HttpServletRequest request, HttpServletResponse response, HashMap outputData)
   {
     boolean result = true;

     if(isSimulateAuthentication())
     {
       //code for simulation
       result = true;
     }
     else
     {
       // real code, use class com.jfw.authentication.Authentication 
       // for standard authentication
       Authentication authentication = new Authentication();
       UserData userData = authentication.authenticate(request, response);
 
       if(userData != null)
         result = true;
       else
         result = false;
     }
 
     return result;
   }
 

   protected int isAuthorized(HttpServletRequest request, HttpServletResponse response, UserData userData)
   {
     int result = Authorization.AUTHORIZE_ALL;

     if(isSimulateAuthorization())
     {
       //code for simulation
       result = Authorization.AUTHORIZE_ALL;
     }
     else
     {
       // real code, use class com.jfw.authentication.Authorization 
       // for standard authorization
       Authorization authorization = new Authorization();
       result = authorization.authorize(request, response, userData);
     }

     return result;
   }
 }

Field Summary
protected  java.lang.String className
          Used for logging.
static java.lang.String LOCALE_KEY
          The key to use for Locale when is set as an attribute in response.
 
Fields inherited from class org.apache.struts.action.Action
servlet
 
Fields inherited from interface com.jfw.web.JFWCommonAction
AUTH_MSG_KEY, AUTH_USER_NOT_IN_DB, ERROR_KEY, excludeParams, LOCALE_LANGUAGE_KEY, logger, OPERATION_RESULT_KEY, OPERATION_RESULT_KO_KEY, OPERATION_RESULT_OK_KEY, OPERATION_TYPE_ADD_KEY, OPERATION_TYPE_DELETE_KEY, OPERATION_TYPE_KEY, OPERATION_TYPE_UPDATE_KEY, OUTPUT_DATA_KEY, properties, REQUEST_KEY, RESPONSE_KEY, SERVICE_NAME_KEY, USER_DATA_IN_REQUEST_KEY, USER_PROFILE_IN_REQUEST_KEY
 
Constructor Summary
JFWAction()
          Create a new instance.
 
Method Summary
protected  org.apache.struts.action.ActionForward afterMyExecute(org.apache.struts.action.ActionMapping mapping, org.apache.struts.action.ActionForm form, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.apache.struts.action.ActionMessages messages, java.util.HashMap outputData)
          This method is execute after the method myExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMessages, java.util.HashMap) is executed.
protected  void beforeMyExecute(org.apache.struts.action.ActionMapping mapping, org.apache.struts.action.ActionForm form, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.apache.struts.action.ActionMessages messages, java.util.HashMap outputData)
          This method is execute before the method myExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMessages, java.util.HashMap) is executed.
 org.apache.struts.action.ActionForward execute(org.apache.struts.action.ActionMapping mapping, org.apache.struts.action.ActionForm form, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          This is the execute method of a struts Action.
protected  java.util.Locale getLocale(javax.servlet.http.HttpServletRequest request)
          Get locale.
protected  java.lang.String getLocaleLanguage(javax.servlet.http.HttpServletRequest request)
          Get locale language.
protected  UserData getUser(javax.servlet.http.HttpServletRequest request)
          Get UserData from session.
protected  void initLocale(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Set the locale.
protected abstract  boolean isAuthenticated(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.HashMap outputdata)
          Implements the authentication process.
protected abstract  int isAuthorized(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, UserData userData)
          Implements the authorization process.
protected  boolean isSimulateAuthentication()
          Get attribute simulateAuthentication.
protected  boolean isSimulateAuthorization()
          Get attribute simulateAuthorization.
protected abstract  org.apache.struts.action.ActionForward myExecute(org.apache.struts.action.ActionMapping mapping, org.apache.struts.action.ActionForm form, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.apache.struts.action.ActionMessages messages, java.util.HashMap outputData)
          This method must be implement by project actions.
protected  void myInit()
          The method is execute in the constructor and by method update(java.util.Observable, java.lang.Object).
protected  org.apache.struts.action.ActionForward security(org.apache.struts.action.ActionMapping mapping, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.HashMap outputData)
          Check if the user can execute an action.
protected  void setLocale(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Locale locale)
          Set the locale.
protected  void setLocale(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String language, java.lang.String country)
          Set the locale.
protected  void setUserDataInOutputData(java.util.HashMap outputdata, UserData userData)
          Set the UserData and UserProfile in outputdata under keys JFWCommonAction.USER_DATA_IN_REQUEST_KEY and JFWCommonAction.USER_PROFILE_IN_REQUEST_KEY.
 void update(java.util.Observable observable, java.lang.Object obj)
          Call methods initialize() and myInit().
 
Methods inherited from class org.apache.struts.action.Action
addErrors, addMessages, execute, generateToken, getErrors, getMessages, getResources, getResources, getServlet, isCancelled, isTokenValid, isTokenValid, resetToken, saveErrors, saveErrors, saveMessages, saveMessages, saveToken, setLocale, setServlet
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

className

protected java.lang.String className
Used for logging.

LOCALE_KEY

public static final java.lang.String LOCALE_KEY
The key to use for Locale when is set as an attribute in response. Also, if exist a request parameter with this name is used for set the locale.

See Also:
Constant Field Values
Constructor Detail

JFWAction

public JFWAction()
Create a new instance. This methods are called on instance creation:
  1. super()
  2. UpdateObservable.addObserver(java.lang.Object, java.lang.String, java.lang.String)
  3. initialize()
  4. myInit()

Method Detail

myInit

protected void myInit()
The method is execute in the constructor and by method update(java.util.Observable, java.lang.Object).
Actions can override if needed to initialize data.
No code exist in the default implementation.

execute

public final org.apache.struts.action.ActionForward execute(org.apache.struts.action.ActionMapping mapping,
                                                            org.apache.struts.action.ActionForm form,
                                                            javax.servlet.http.HttpServletRequest request,
                                                            javax.servlet.http.HttpServletResponse response)
                                                     throws java.lang.Exception
This is the execute method of a struts Action.
This is the order of operations executed by this method:
  1. create the HashMap outputData. This HashMap contains data who can be used by the jsp. If outputData is already in request (this is happen when an action forward to an other action) then is not recreated and values already added can be used. If outputData is not present then is instantiate and added in request under key JFWCommonAction.OUTPUT_DATA_KEY.
    Add under key JFWCommonAction.SERVICE_NAME_KEY the name of the requested action.
    Add under key JFWCommonAction.REQUEST_KEY the request object.
    Add under key JFWCommonAction.RESPONSE_KEY the response object.
  2. initLocale(HttpServletRequest,HttpServletResponse)
  3. security(org.apache.struts.action.ActionMapping, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)
  4. beforeMyExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMessages, java.util.HashMap)
  5. myExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMessages, java.util.HashMap)
  6. afterMyExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMessages, java.util.HashMap)
If an exception occur then the stack trace is added under key JFWCommonAction.ERROR_KEY in a ActionMessages object. The ActionMessages is send to Action.saveErrors(javax.servlet.http.HttpServletRequest, org.apache.struts.action.ActionMessages) so is possible to display it in jsp using the html:errors tag.
Also, the error is add in the HashMap outputData under the key JFWCommonAction.ERROR_KEY.

Overrides:
execute in class org.apache.struts.action.Action
Throws:
java.lang.Exception

initLocale

protected void initLocale(javax.servlet.http.HttpServletRequest request,
                          javax.servlet.http.HttpServletResponse response)
                   throws java.lang.Exception
Set the locale. This is the process for set the locale:
  1. if parameter LOCALE_KEY exist in request then this value is used. Call method setLocale(HttpServletRequest,HttpServletResponse,Locale).
  2. if exist in session an attribute under key LOCALE_KEY then the locale is already set.
  3. if cookie LocaleCookie.COOKIE_NAME exist in request then the value in cookie is used. Call method setLocale(HttpServletRequest,HttpServletResponse,Locale).
  4. if key default_language is defined in jfw.properties then this value is used. To get default application locale the method JFWLocale.getLocale() is used. Call method setLocale(HttpServletRequest,HttpServletResponse,Locale).
  5. if all other methods failed the getLocale(HttpServletRequest) is called. Call method setLocale(HttpServletRequest,HttpServletResponse,Locale).

Parameters:
request - an HttpServletRequest object.
response - an HttpServletResponse object.
Throws:
java.lang.Exception

security

protected org.apache.struts.action.ActionForward security(org.apache.struts.action.ActionMapping mapping,
                                                          javax.servlet.http.HttpServletRequest request,
                                                          javax.servlet.http.HttpServletResponse response,
                                                          java.util.HashMap outputData)
                                                   throws java.lang.Exception
Check if the user can execute an action.
Call methods
isAuthenticated(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)
and
isAuthorized(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.jfw.authentication.UserData).

Parameters:
mapping - an ActionMapping object.
request - an HttpServletRequest object.
response - an HttpServletResponse object.
outputData - the HashMap container of data to view in jsp.
Returns:
null if authentication and authorization check pass, an ActionForward object for the relative error page.
Throws:
java.lang.Exception

getUser

protected UserData getUser(javax.servlet.http.HttpServletRequest request)
Get UserData from session. The object is associated with key Authentication.USER_DATA_IN_SESSION_KEY.
If JFW authentication class is used (Authentication) then method Authentication.addUserDataInSession(javax.servlet.http.HttpSession, com.jfw.authentication.UserData) add the user data object in session.

Parameters:
request - an HttpServletRequest object.
Returns:
a UserData object or null if not found in session.

getLocale

protected java.util.Locale getLocale(javax.servlet.http.HttpServletRequest request)
Get locale. The locale is get from session (key LOCALE_KEY) and if not found in session the Action.getLocale(javax.servlet.http.HttpServletRequest) method is called.

Overrides:
getLocale in class org.apache.struts.action.Action
Parameters:
request - an HttpServletRequest object.
Returns:
a Locale object.

getLocaleLanguage

protected java.lang.String getLocaleLanguage(javax.servlet.http.HttpServletRequest request)
Get locale language. Call method getLocale(javax.servlet.http.HttpServletRequest) for get the locale.

Parameters:
request - an HttpServletRequest object.
Returns:
the language.

setLocale

protected void setLocale(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response,
                         java.util.Locale locale)
Set the locale. This operations are executed:
  1. super.setLocale(request, locale)
  2. session.setAttribute(LOCALE_KEY, locale)
  3. LocaleCookie.write(response, locale)

Parameters:
request - an HttpServletRequest object.
response - an HttpServletResponse object.
locale - an Locale object.

setLocale

protected void setLocale(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response,
                         java.lang.String language,
                         java.lang.String country)
Set the locale. Call method setLocale(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.Locale).

Parameters:
request - an HttpServletRequest object.
response - an HttpServletResponse object.
language - the language to use for the locale.
country - the country to use for the locale.

setUserDataInOutputData

protected void setUserDataInOutputData(java.util.HashMap outputdata,
                                       UserData userData)
Set the UserData and UserProfile in outputdata under keys JFWCommonAction.USER_DATA_IN_REQUEST_KEY and JFWCommonAction.USER_PROFILE_IN_REQUEST_KEY.

Parameters:
outputdata - the HashMap container of data to view in jsp.
userData - a UserData object.

isSimulateAuthentication

protected boolean isSimulateAuthentication()
Get attribute simulateAuthentication.

Returns:
attribute simulateAuthentication.

isSimulateAuthorization

protected boolean isSimulateAuthorization()
Get attribute simulateAuthorization.

Returns:
attribute simulateAuthorization.

update

public void update(java.util.Observable observable,
                   java.lang.Object obj)
Call methods initialize() and myInit().

Specified by:
update in interface java.util.Observer

beforeMyExecute

protected void beforeMyExecute(org.apache.struts.action.ActionMapping mapping,
                               org.apache.struts.action.ActionForm form,
                               javax.servlet.http.HttpServletRequest request,
                               javax.servlet.http.HttpServletResponse response,
                               org.apache.struts.action.ActionMessages messages,
                               java.util.HashMap outputData)
                        throws java.lang.Exception
This method is execute before the method myExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMessages, java.util.HashMap) is executed. For default this method is empty.

Parameters:
mapping - an ActionMapping object.
form - an ActionForm object.
request - an HttpServletRequest object.
response - an HttpServletResponse object.
messages - an ActionMessages object.
outputData - the HashMap container of data to view in jsp.
Throws:
java.lang.Exception

afterMyExecute

protected org.apache.struts.action.ActionForward afterMyExecute(org.apache.struts.action.ActionMapping mapping,
                                                                org.apache.struts.action.ActionForm form,
                                                                javax.servlet.http.HttpServletRequest request,
                                                                javax.servlet.http.HttpServletResponse response,
                                                                org.apache.struts.action.ActionMessages messages,
                                                                java.util.HashMap outputData)
                                                         throws java.lang.Exception
This method is execute after the method myExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.apache.struts.action.ActionMessages, java.util.HashMap) is executed. For default this method is empty and return null.

Parameters:
mapping - an ActionMapping object.
form - an ActionForm object.
request - an HttpServletRequest object.
response - an HttpServletResponse object.
messages - an ActionMessages object.
outputData - the HashMap container of data to view in jsp.
Returns:
an ActionForward object. If an object different from null is returned then this forward will be used.
Throws:
java.lang.Exception

myExecute

protected abstract org.apache.struts.action.ActionForward myExecute(org.apache.struts.action.ActionMapping mapping,
                                                                    org.apache.struts.action.ActionForm form,
                                                                    javax.servlet.http.HttpServletRequest request,
                                                                    javax.servlet.http.HttpServletResponse response,
                                                                    org.apache.struts.action.ActionMessages messages,
                                                                    java.util.HashMap outputData)
                                                             throws java.lang.Exception
This method must be implement by project actions.

Parameters:
mapping - an ActionMapping object.
form - an ActionForm object.
request - an HttpServletRequest object.
response - an HttpServletResponse object.
messages - an ActionMessages object.
outputData - the HashMap container of data to view in jsp. To show the values added in this object a code like this can be used:
<bean:write name="OUTPUT_DATA_KEY" property="my_key" scope="request"/>
Returns:
an ActionForward object.
Throws:
java.lang.Exception

isAuthenticated

protected abstract boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
                                           javax.servlet.http.HttpServletResponse response,
                                           java.util.HashMap outputdata)
                                    throws java.lang.Exception
Implements the authentication process.

Parameters:
request - an HttpServletRequest object.
response - an HttpServletResponse object.
outputdata - the HashMap container of data to view in jsp.
Returns:
true if user authentication success, false if fail.
Throws:
java.lang.Exception

isAuthorized

protected abstract int isAuthorized(javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response,
                                    UserData userData)
                             throws java.lang.Exception
Implements the authorization process.

Parameters:
request - an HttpServletRequest object.
response - an HttpServletResponse object.
userData - a UserData object.
Returns:
possible values are:
  1. Authorization.AUTHORIZED_NO: user can not execute the service.
  2. Authorization.AUTHORIZED_YES: user can execute the service.
  3. Authorization.AUTHORIZE_ALL: all users can execute the service.
  4. Authorization.AUTHORIZE_AUTHENTICATED: all authenticated users can execute the service.
  5. Authorization.SERVICE_NOT_FOUND: service name not exist in database.
Throws:
java.lang.Exception
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD