struts action url mapping that allows to split actions into restricted and unrestricted

P

Pavel

Greetings to all -

How could I have two groups of struts actions in the same application
so the actions in the first group require the container based
authorization and actions in the second group do not ?

According to http://jakarta.apache.org/struts/userGuide/configuration.html
I can use either prefix matching or extension matching:

5.4.2 Configure the Action Servlet Mapping
WARNING - Struts will not operate correctly if you define more than
one <servlet-mapping> element for the controller servlet.

In my web.xml I could not specify 'exception' url-pattern either:

<security-constraint>
<web-resource-collection>
<url-pattern>*.do</url-pattern>
<url-pattern>/jsp/*</url-pattern>
</web-resource-collection>
</security-constraint>

If struts would support multiple servlet-mapping then I could use
/do/* for my unrestricted actions. Can I have different url mapping
for different struts modules ?

The only work around that comes to mind so far is to create servlets
outside of struts framework instead of actions in one of two groups.
Any ideas are greatly appreciated.

Thanks
Pavel
 
P

Pavel

I could probably change my struts action servlet mapping from '*.do'to
'/do/*' and then modify all of my secure actions mapping from '/dada'
to '/do/secure/dada' in struts-config.xml. I could then add unsecure
struts action '/do/public/dada'.

In web.xml, I could then use '/do/secure/*' instead of '/do/*'. The
downside of this is that I'd have to go though all of the JSPs and
replace 'dada.do' with '/do/secure/dada' for all of the actions. Also,
according to Struts docs 5.4.2 Configure the Action Servlet Mapping:
WARNING - If you are using the new module support in Struts 1.1, you
should be aware that only extension mapping is supported.

If I could only specify the exceptions in the web.xml like
<security-constraint>
<web-resource-collection>

<url-pattern-except>/public/*</url-pattern-except>

<url-pattern>*.do</url-pattern>
<url-pattern>/jsp/*</url-pattern>
</web-resource-collection>
</security-constraint>
that would be all I'd need to do ... It would be too simple though.

Pavel
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Struts 2 getRequestDispatcher forward to *.action 3
No action instance for path /welcomeAction could be created 0
Struts Tiles Error 0
struts error: HTTP Status 404 - Servlet action is not available 6
Tomcat not starting due to Struts? 0
integration between struts and servlet auth 5
struts action mapping input attribute - dynamic value ? 2
web.xml help - struts 3

Members online

No members online now.
Total: 33 (members: 0, guests: 33)
Robots: 197

Forum statistics

Threads
473,766
Messages
2,569,569
Members
45,043
Latest member
CannalabsCBDReview

Latest Threads

Top