001: /*
002: * Copyright (c) 2002-2003 by OpenSymphony
003: * All rights reserved.
004: */
005: package com.opensymphony.webwork.interceptor;
006:
007: import java.util.Map;
008:
009: import javax.servlet.http.HttpServletRequest;
010: import javax.servlet.http.HttpServletResponse;
011:
012: import com.opensymphony.webwork.ServletActionContext;
013: import com.opensymphony.webwork.util.InvocationSessionStore;
014: import com.opensymphony.webwork.util.TokenHelper;
015: import com.opensymphony.xwork.ActionContext;
016: import com.opensymphony.xwork.ActionInvocation;
017: import com.opensymphony.xwork.Result;
018: import com.opensymphony.xwork.util.OgnlValueStack;
019:
020: /**
021: * <!-- START SNIPPET: description -->
022: *
023: * This interceptor builds off of the {@link TokenInterceptor}, providing advanced logic for handling invalid tokens.
024: * Unlike the normal token interceptor, this interceptor will attempt to provide intelligent fail-over in the event of
025: * multiple requests using the same session. That is, it will block subsequent requests until the first request is
026: * complete, and then instead of returning the <i>invalid.token</i> code, it will attempt to display the same response
027: * that the original, valid action invocation would have displayed if no multiple requests were submitted in the first
028: * place.
029: *
030: * <p/>
031: *
032: * <b>NOTE:</b> As this method extends off MethodFilterInterceptor, it is capable of
033: * deciding if it is applicable only to selective methods in the action class. See
034: * <code>MethodFilterInterceptor</code> for more info.
035: *
036: * <!-- END SNIPPET: description -->
037: *
038: * <p/> <u>Interceptor parameters:</u>
039: *
040: * <!-- START SNIPPET: parameters -->
041: *
042: * <ul>
043: *
044: * <li>None</li>
045: *
046: * </ul>
047: *
048: * <!-- END SNIPPET: parameters -->
049: *
050: * <p/> <u>Extending the interceptor:</u>
051: *
052: * <p/>
053: *
054: * <!-- START SNIPPET: extending -->
055: *
056: * There are no known extension points for this interceptor.
057: *
058: * <!-- END SNIPPET: extending -->
059: *
060: * <p/> <u>Example code:</u>
061: *
062: * <pre>
063: * <!-- START SNIPPET: example -->
064: *
065: * <action name="someAction" class="com.examples.SomeAction">
066: * <interceptor-ref name="token-session/>
067: * <interceptor-ref name="basicStack"/>
068: * <result name="success">good_result.ftl</result>
069: * </action>
070: *
071: * <-- In this case, myMethod of the action class will not
072: * get checked for invalidity of token -->
073: * <action name="someAction" class="com.examples.SomeAction">
074: * <interceptor-ref name="token-session>
075: * <param name="excludeMethods">myMethod</param>
076: * </interceptor-ref name="token-session>
077: * <interceptor-ref name="basicStack"/>
078: * <result name="success">good_result.ftl</result>
079: * </action>
080: *
081: * <!-- END SNIPPET: example -->
082: * </pre>
083: *
084: * @author Jason Carreira
085: * @author Rainer Hermanns
086: * @author Nils-Helge Garli
087: *
088: * @version $Date: 2007-03-04 03:02:04 +0100 (Sun, 04 Mar 2007) $ $Id: TokenSessionStoreInterceptor.java 2856 2007-03-04 02:02:04Z tschneider22 $
089: */
090: public class TokenSessionStoreInterceptor extends TokenInterceptor {
091:
092: private static final long serialVersionUID = 7076608008805392601L;
093:
094: protected String handleInvalidToken(ActionInvocation invocation)
095: throws Exception {
096: ActionContext ac = invocation.getInvocationContext();
097:
098: HttpServletRequest request = (HttpServletRequest) ac
099: .get(ServletActionContext.HTTP_REQUEST);
100: HttpServletResponse response = (HttpServletResponse) ac
101: .get(ServletActionContext.HTTP_RESPONSE);
102: String tokenName = TokenHelper.getTokenName();
103: String token = TokenHelper.getToken(tokenName);
104:
105: Map params = ac.getParameters();
106: params.remove(tokenName);
107: params.remove(TokenHelper.TOKEN_NAME_FIELD);
108:
109: if ((tokenName != null) && (token != null)) {
110: ActionInvocation savedInvocation = InvocationSessionStore
111: .loadInvocation(tokenName, token);
112:
113: if (savedInvocation != null) {
114: // set the valuestack to the request scope
115: OgnlValueStack stack = savedInvocation.getStack();
116: Map context = stack.getContext();
117: request.setAttribute(
118: ServletActionContext.WEBWORK_VALUESTACK_KEY,
119: stack);
120:
121: ActionContext savedContext = savedInvocation
122: .getInvocationContext();
123: savedContext.getContextMap().put(
124: ServletActionContext.HTTP_REQUEST, request);
125: savedContext.getContextMap().put(
126: ServletActionContext.HTTP_RESPONSE, response);
127: Result result = savedInvocation.getResult();
128: if ((result != null)
129: && (savedInvocation.getProxy()
130: .getExecuteResult())) {
131: synchronized (context) {
132: result.execute(savedInvocation);
133: }
134: }
135:
136: // turn off execution of this invocations result
137: invocation.getProxy().setExecuteResult(false);
138:
139: return savedInvocation.getResultCode();
140: }
141: }
142:
143: return INVALID_TOKEN_CODE;
144: }
145:
146: protected String handleValidToken(ActionInvocation invocation)
147: throws Exception {
148: // we know the token name and token must be there
149: // ActionContext ac = invocation.getInvocationContext();
150: // HttpServletRequest request = (HttpServletRequest) ac.get(ServletActionContext.HTTP_REQUEST);
151: String key = TokenHelper.getTokenName();
152: String token = TokenHelper.getToken(key);
153: InvocationSessionStore.storeInvocation(key, token, invocation);
154:
155: return invocation.invoke();
156: }
157: }
|