com.jfw.web.struts2
Class JFWAction

java.lang.Object
  com.opensymphony.xwork2.ActionSupport
      com.jfw.web.struts2.JFWAction

All Implemented Interfaces:

JFWCommonAction, com.opensymphony.xwork2.Action, com.opensymphony.xwork2.LocaleProvider, com.opensymphony.xwork2.ModelDriven, com.opensymphony.xwork2.TextProvider, com.opensymphony.xwork2.Validateable, com.opensymphony.xwork2.ValidationAware, java.io.Serializable, org.apache.struts2.interceptor.ServletRequestAware, org.apache.struts2.interceptor.ServletResponseAware

Direct Known Subclasses:

AdministrationAction

public abstract class JFWAction
extends com.opensymphony.xwork2.ActionSupport
implements JFWCommonAction, org.apache.struts2.interceptor.ServletRequestAware, org.apache.struts2.interceptor.ServletResponseAware, com.opensymphony.xwork2.ModelDriven

All project actions using Struts 2.x must extend this class.

Offer methods for implement the authentication and authorization of actions with automatically redirect to the relative jsps if user credentials is not appropriate for action execution.

Any project must have a class that implements methods
isAuthenticated(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)
and
isAuthorized(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.jfw.authentication.UserData).

This class must be extended by all others project actions who will implement only method myExecute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap).

Example of project super class

 public abstract class PrototypeProjectAction extends com.jfw.web.struts2.JFWAction
 {
   protected boolean isAuthenticated(HttpServletRequest request, HttpServletResponse response, HashMap outputData)
   {
     boolean result = true;

     if(isSimulateAuthentication())
     {
       //code for simulation
       result = true;
     }
     else
     {
       // real code, use class com.jfw.authentication.Authentication 
       // for standard authentication
       Authentication authentication = new Authentication();
       UserData userData = authentication.authenticate(request, response);
 
       if(userData != null)
         result = true;
       else
         result = false;
     }
 
     return result;
   }
 

   protected int isAuthorized(HttpServletRequest request, HttpServletResponse response, UserData userData)
   {
     int result = Authorization.AUTHORIZE_ALL;

     if(isSimulateAuthorization())
     {
       //code for simulation
       result = Authorization.AUTHORIZE_ALL;
     }
     else
     {
       // real code, use class com.jfw.authentication.Authorization 
       // for standard authorization
       Authorization authorization = new Authorization();
       result = authorization.authorize(request, response, userData);
     }

     return result;
   }
 }
 

See Also:

Serialized Form

Field Summary

protected java.lang.String	className Used for logging.
static java.lang.String	LOCALE_KEY The key to use for Locale when is set as an attribute in response.
static java.lang.String	LOCALE_STRUTS2_SESSION_KEY The key used in Struts2 for save the locale in session.

Fields inherited from class com.opensymphony.xwork2.ActionSupport

LOG

Fields inherited from interface com.jfw.web.JFWCommonAction

AUTH_MSG_KEY, AUTH_USER_NOT_IN_DB, ERROR_KEY, excludeParams, LOCALE_LANGUAGE_KEY, logger, OPERATION_RESULT_KEY, OPERATION_RESULT_KO_KEY, OPERATION_RESULT_OK_KEY, OPERATION_TYPE_ADD_KEY, OPERATION_TYPE_DELETE_KEY, OPERATION_TYPE_KEY, OPERATION_TYPE_UPDATE_KEY, OUTPUT_DATA_KEY, properties, REQUEST_KEY, RESPONSE_KEY, SERVICE_NAME_KEY, USER_DATA_IN_REQUEST_KEY, USER_PROFILE_IN_REQUEST_KEY

Fields inherited from interface com.opensymphony.xwork2.Action

ERROR, INPUT, LOGIN, NONE, SUCCESS

Constructor Summary

JFWAction()
Create a new instance.

Method Summary

protected java.lang.String	afterMyExecute(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.HashMap outputData) This method is execute after the method myExecute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap) is executed.
protected void	beforeMyExecute(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.HashMap outputData) This method is execute before the method myExecute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap) is executed.
java.lang.String	execute() This is the execute method of a struts Action.
protected java.util.Locale	getLocale(javax.servlet.http.HttpServletRequest request) Get locale.
protected java.lang.String	getLocaleLanguage(javax.servlet.http.HttpServletRequest request) Get locale language.
java.lang.Object	getModel() Used for save the data of an html form in a bean.
javax.servlet.http.HttpServletRequest	getServletRequest() Get attribute request.
javax.servlet.http.HttpServletResponse	getServletResponse() Get attribute response.
protected UserData	getUser(javax.servlet.http.HttpServletRequest request) Get UserData from session.
protected void	initLocale(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Set the locale.
protected abstract boolean	isAuthenticated(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.HashMap outputdata) Implements the authentication process.
protected abstract int	isAuthorized(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, UserData userData) Implements the authorization process.
protected boolean	isSimulateAuthentication() Get attribute simulateAuthentication.
protected boolean	isSimulateAuthorization() Get attribute simulateAuthorization.
protected abstract java.lang.String	myExecute(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.HashMap outputData) This method must be implement by project actions.
protected java.lang.String	security(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.HashMap outputData) Check if the user can execute an action.
protected void	setLocale(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Locale locale) Set the locale.
protected void	setLocale(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String language, java.lang.String country) Set the locale.
void	setServletRequest(javax.servlet.http.HttpServletRequest request) Set attribute request.
void	setServletResponse(javax.servlet.http.HttpServletResponse response) Set attribute response.
protected void	setUserDataInOutputData(java.util.HashMap outputdata, UserData userData) Set the UserData and UserProfile in outputdata under keys JFWCommonAction.USER_DATA_IN_REQUEST_KEY and JFWCommonAction.USER_PROFILE_IN_REQUEST_KEY.

Methods inherited from class com.opensymphony.xwork2.ActionSupport

addActionError, addActionMessage, addFieldError, clearErrorsAndMessages, clone, doDefault, getActionErrors, getActionMessages, getErrorMessages, getErrors, getFieldErrors, getLocale, getText, getText, getText, getText, getText, getText, getText, getText, getText, getTexts, getTexts, hasActionErrors, hasActionMessages, hasErrors, hasFieldErrors, input, pause, setActionErrors, setActionMessages, setFieldErrors, validate

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

className

protected java.lang.String className

Used for logging.

LOCALE_KEY

public static final java.lang.String LOCALE_KEY

The key to use for Locale when is set as an attribute in response. Also, if exist a request parameter with this name is used for set the locale. The value is get from attribute I18nInterceptor.DEFAULT_PARAMETER ("request_locale");

See Also:

Constant Field Values

LOCALE_STRUTS2_SESSION_KEY

public static final java.lang.String LOCALE_STRUTS2_SESSION_KEY

The key used in Struts2 for save the locale in session. The value is get from attribute I18nInterceptor.DEFAULT_SESSION_ATTRIBUTE ("WW_TRANS_I18N_LOCALE").

See Also:

Constant Field Values

Constructor Detail

JFWAction

public JFWAction()

Create a new instance. This methods are called on instance creation:

1. super()
2. initialize()

Method Detail

execute

public final java.lang.String execute()
                               throws java.lang.Exception

This is the execute method of a struts Action.
This is the order of operations executed by this method:

1. create the HashMap outputData. This HashMap contains data who can be used by the jsp. If outputData is already in request (this is happen when an action forward to an other action) then is not recreated and values already added can be used. If outputData is not present then is instantiate and added in request under key JFWCommonAction.OUTPUT_DATA_KEY.
   Add under key JFWCommonAction.SERVICE_NAME_KEY the name of the requested action.
   Add under key JFWCommonAction.REQUEST_KEY the request object.
   Add under key JFWCommonAction.RESPONSE_KEY the response object.
   
2. initLocale(HttpServletRequest,HttpServletResponse)
3. security(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)
4. beforeMyExecute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)
5. myExecute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)
6. afterMyExecute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)

If an exception occur then the stack trace is added in the action errors and can be viewed in jsp using the relative tag.
Also, the error is add in the HashMap outputData under the key JFWCommonAction.ERROR_KEY.

Specified by:

execute in interface com.opensymphony.xwork2.Action

Overrides:

execute in class com.opensymphony.xwork2.ActionSupport

Throws:

java.lang.Exception

initLocale

protected void initLocale(javax.servlet.http.HttpServletRequest request,
                          javax.servlet.http.HttpServletResponse response)
                   throws java.lang.Exception

Set the locale. This is the process for set the locale:

1. if parameter LOCALE_KEY exist in request then this value is used. Call method setLocale(HttpServletRequest,HttpServletResponse,Locale).
2. if exist in session an attribute under key LOCALE_KEY then the locale is already set.
3. if cookie LocaleCookie.COOKIE_NAME exist in request then the value in cookie is used. Call method setLocale(HttpServletRequest,HttpServletResponse,Locale).
4. if key default_language is defined in jfw.properties then this value is used. To get default application locale the method JFWLocale.getLocale() is used. Call method setLocale(HttpServletRequest,HttpServletResponse,Locale).
5. if all other methods failed the default locale is used. Call method setLocale(HttpServletRequest,HttpServletResponse,Locale).

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

Throws:

java.lang.Exception

security

protected java.lang.String security(javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response,
                                    java.util.HashMap outputData)
                             throws java.lang.Exception

Check if the user can execute an action.
Call methods
isAuthenticated(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap)
and
isAuthorized(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.jfw.authentication.UserData).

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

outputData - the HashMap container of data to view in jsp.

Returns:

null if authentication and authorization check pass, a String for the relative error page.

Throws:

java.lang.Exception

getUser

protected UserData getUser(javax.servlet.http.HttpServletRequest request)

Get UserData from session. The object is associated with key Authentication.USER_DATA_IN_SESSION_KEY.
If JFW authentication class is used (Authentication) then method Authentication.addUserDataInSession(javax.servlet.http.HttpSession, com.jfw.authentication.UserData) add the user data object in session.

Parameters:

request - an HttpServletRequest object.

Returns:

a UserData object or null if not found in session.

getLocale

protected java.util.Locale getLocale(javax.servlet.http.HttpServletRequest request)

Get locale. The locale is get from session (key LOCALE_KEY) and if not found in session the default locale is returned.

Parameters:

request - an HttpServletRequest object.

Returns:

a Locale object.

getLocaleLanguage

protected java.lang.String getLocaleLanguage(javax.servlet.http.HttpServletRequest request)

Get locale language. Call method getLocale(javax.servlet.http.HttpServletRequest) for get the locale.

Parameters:

request - an HttpServletRequest object.

Returns:

the language.

setLocale

protected void setLocale(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response,
                         java.util.Locale locale)

Set the locale. This operations are executed:

1. session.setAttribute(LOCALE_KEY, locale)
2. LocaleCookie.write(response, locale)

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

locale - an Locale object.

setLocale

protected void setLocale(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response,
                         java.lang.String language,
                         java.lang.String country)

Set the locale. Call method setLocale(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.Locale).

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

language - the language to use for the locale.

country - the country to use for the locale.

setUserDataInOutputData

protected void setUserDataInOutputData(java.util.HashMap outputdata,
                                       UserData userData)

Set the UserData and UserProfile in outputdata under keys JFWCommonAction.USER_DATA_IN_REQUEST_KEY and JFWCommonAction.USER_PROFILE_IN_REQUEST_KEY.

Parameters:

outputdata - the HashMap container of data to view in jsp.

userData - a UserData object.

isSimulateAuthentication

protected boolean isSimulateAuthentication()

Get attribute simulateAuthentication.

Returns:

attribute simulateAuthentication.

isSimulateAuthorization

protected boolean isSimulateAuthorization()

Get attribute simulateAuthorization.

Returns:

attribute simulateAuthorization.

setServletRequest

public void setServletRequest(javax.servlet.http.HttpServletRequest request)

Set attribute request.

Specified by:

setServletRequest in interface org.apache.struts2.interceptor.ServletRequestAware

Parameters:

request - the HttpServletRequest object.

getServletRequest

public javax.servlet.http.HttpServletRequest getServletRequest()

Get attribute request.

Returns:

the HttpServletRequest object.

setServletResponse

public void setServletResponse(javax.servlet.http.HttpServletResponse response)

Set attribute response.

Specified by:

setServletResponse in interface org.apache.struts2.interceptor.ServletResponseAware

Parameters:

response - the HttpServletResponse object.

getServletResponse

public javax.servlet.http.HttpServletResponse getServletResponse()

Get attribute response.

Returns:

the HttpServletResponse object.

beforeMyExecute

protected void beforeMyExecute(javax.servlet.http.HttpServletRequest request,
                               javax.servlet.http.HttpServletResponse response,
                               java.util.HashMap outputData)
                        throws java.lang.Exception

This method is execute before the method myExecute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap) is executed. For default this method is empty.

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

outputData - the HashMap container of data to view in jsp.

Throws:

java.lang.Exception

afterMyExecute

protected java.lang.String afterMyExecute(javax.servlet.http.HttpServletRequest request,
                                          javax.servlet.http.HttpServletResponse response,
                                          java.util.HashMap outputData)
                                   throws java.lang.Exception

This method is execute after the method myExecute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.util.HashMap) is executed. For default this method is empty and return null.

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

outputData - the HashMap container of data to view in jsp.

Returns:

a String with the name of the forward page. If an object different from null is returned then this forward will be used.

Throws:

java.lang.Exception

getModel

public java.lang.Object getModel()

Used for save the data of an html form in a bean. The method must return an instance of the bean with the set and get methods for the request parameters.
The default implementation is "blank" and return always null.

Specified by:

getModel in interface com.opensymphony.xwork2.ModelDriven

Returns:

always null;

myExecute

protected abstract java.lang.String myExecute(javax.servlet.http.HttpServletRequest request,
                                              javax.servlet.http.HttpServletResponse response,
                                              java.util.HashMap outputData)
                                       throws java.lang.Exception

This method must be implement by project actions.

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

outputData - the HashMap container of data to view in jsp. To show the values added in this object a code like this can be used:
<bean:write name="OUTPUT_DATA_KEY" property="my_key" scope="request"/>

Returns:

a String with the name of the forward page.

Throws:

java.lang.Exception

isAuthenticated

protected abstract boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
                                           javax.servlet.http.HttpServletResponse response,
                                           java.util.HashMap outputdata)
                                    throws java.lang.Exception

Implements the authentication process.

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

outputdata - the HashMap container of data to view in jsp.

Returns:

true if user authentication success, false if fail.

Throws:

java.lang.Exception

isAuthorized

protected abstract int isAuthorized(javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response,
                                    UserData userData)
                             throws java.lang.Exception

Implements the authorization process.

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

userData - a UserData object.

Returns:

possible values are:

1. Authorization.AUTHORIZED_NO: user can not execute the service.
2. Authorization.AUTHORIZED_YES: user can execute the service.
3. Authorization.AUTHORIZE_ALL: all users can execute the service.
4. Authorization.AUTHORIZE_AUTHENTICATED: all authenticated users can execute the service.
5. Authorization.SERVICE_NOT_FOUND: service name not exist in database.

Throws:

java.lang.Exception