Discussion:
howto redirect to login site after session expiration?
Frank Ratzlow
2005-05-23 10:17:50 UTC
Permalink
Hallo folks,

I encountered a strange behaviour regarding the population mechanics of my
forms.

Following situation: I have my app running, the browser stays open with a
html form to be filled. The http-session expires and the user submits the
form to the server. The result is a http 500 error resulting from a NPE
caused while accessing the underlying struts form to populate.
What makes me wonder is the fact that although the session expired the
request is passed through the ActionServlet, a population of the
ActionForm is attempted and of course not be completed since the session
including it's objects are already removed.

I would like to see a redirect to an error site that I specify in the
web.xml or struts-config.xml in that case. How do I ensure that
unauthenticated users or users with an expired session are redirected to
such a specified site?

TIA

Frank

JBoss 3.2.3
Tomcat 4.1.29 (integrated)
Struts 1.1
JDK 1.4.2_06
Windows XP

===========Stacktrace Start=========================
11:16:00,140 ERROR [Engine] StandardWrapperValve[action]:
Servlet.service() for servlet action threw exception
javax.servlet.ServletException: BeanUtils.populate
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1254)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcessor.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActionServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(ContainerStatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:605)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:677)
at java.lang.Thread.run(Thread.java:534)
11:16:00,140 ERROR [Engine] ----- Root Cause -----
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUtils.java:493)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUtils.java:428)
at
org.apache.commons.beanutils.PropertyUtils.getNestedProperty(PropertyUtils.java:770)
at
org.apache.commons.beanutils.PropertyUtils.getProperty(PropertyUtils.java:801)
at
org.apache.commons.beanutils.BeanUtils.setProperty(BeanUtils.java:881)
at
org.apache.commons.beanutils.BeanUtils.populate(BeanUtils.java:808)
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1252)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcessor.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActionServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(ContainerStatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:605)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:677)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.lang.NullPointerException
at
com.hannoverre.mmf.presentation.general.contract.ContractContentBaseForm.getNotification(ContractContentBaseForm.java:2003)
... 57 more

===========Stacktrace End =========================
Marco Mistroni
2005-05-23 10:24:21 UTC
Permalink
Hello,
Can't you use a ServletFilter that checks if user is in the
session?
If it is not you will redirect the request to your loginpage.

Regards
marco

-----Original Message-----
From: Frank Ratzlow [mailto:***@adesso.de]
Sent: 23 May 2005 11:18
To: ***@struts.apache.org
Subject: howto redirect to login site after session expiration?

Hallo folks,

I encountered a strange behaviour regarding the population mechanics of
my
forms.

Following situation: I have my app running, the browser stays open with
a
html form to be filled. The http-session expires and the user submits
the
form to the server. The result is a http 500 error resulting from a NPE
caused while accessing the underlying struts form to populate.
What makes me wonder is the fact that although the session expired the
request is passed through the ActionServlet, a population of the
ActionForm is attempted and of course not be completed since the session

including it's objects are already removed.

I would like to see a redirect to an error site that I specify in the
web.xml or struts-config.xml in that case. How do I ensure that
unauthenticated users or users with an expired session are redirected to

such a specified site?

TIA

Frank

JBoss 3.2.3
Tomcat 4.1.29 (integrated)
Struts 1.1
JDK 1.4.2_06
Windows XP

===========Stacktrace Start=========================
11:16:00,140 ERROR [Engine] StandardWrapperValve[action]:
Servlet.service() for servlet action threw exception
javax.servlet.ServletException: BeanUtils.populate
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1254)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcess
or.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:
254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActi
onServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurity
MgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.ja
va:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(Container
StatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:241
7)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAs
sociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577
)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:78
1)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processC
onnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:60
5)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:677)
at java.lang.Thread.run(Thread.java:534)
11:16:00,140 ERROR [Engine] ----- Root Cause -----
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
a:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
Impl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUt
ils.java:493)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUt
ils.java:428)
at
org.apache.commons.beanutils.PropertyUtils.getNestedProperty(PropertyUti
ls.java:770)
at
org.apache.commons.beanutils.PropertyUtils.getProperty(PropertyUtils.jav
a:801)
at
org.apache.commons.beanutils.BeanUtils.setProperty(BeanUtils.java:881)
at
org.apache.commons.beanutils.BeanUtils.populate(BeanUtils.java:808)
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1252)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcess
or.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:
254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActi
onServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurity
MgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.ja
va:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(Container
StatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:241
7)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAs
sociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577
)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:78
1)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processC
onnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:60
5)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:677)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.lang.NullPointerException
at
com.hannoverre.mmf.presentation.general.contract.ContractContentBaseForm
.getNotification(ContractContentBaseForm.java:2003)
... 57 more

===========Stacktrace End =========================
Frank Ratzlow
2005-05-23 10:54:39 UTC
Permalink
Hi,

unfortunately this is not an good option because the application (exactly
some of the actions) serve authorized and unauthorized users the same.
Afaik if a user sends his first request a session will be created for him
(default behaviour). Additionally we invalidate a session when a user
authorizes and store his credentials etc. in a newly created one.
I was quite sure that handling of an expired session could be done
declaratively. I feel some pain doing such a basic thing in proprietary
code. I rather think that this is something that should be handled by the
container. I just want to say, if your session expired, go to page xyz.
BTW: how can I determine via the API if a session expired? Is it possible
at all?

Regards

Frank




"Marco Mistroni" <***@waersystems.com>
23.05.2005 12:24
Bitte antworten an
"Struts Users Mailing List" <***@struts.apache.org>


An
"'Struts Users Mailing List'" <***@struts.apache.org>
Kopie

Thema
RE: howto redirect to login site after session expiration?






Hello,
Can't you use a ServletFilter that checks if user is in
the
session?
If it is not you will redirect the request to your loginpage.

Regards
marco

-----Original Message-----
From: Frank Ratzlow [mailto:***@adesso.de]
Sent: 23 May 2005 11:18
To: ***@struts.apache.org
Subject: howto redirect to login site after session expiration?

Hallo folks,

I encountered a strange behaviour regarding the population mechanics of
my
forms.

Following situation: I have my app running, the browser stays open with
a
html form to be filled. The http-session expires and the user submits
the
form to the server. The result is a http 500 error resulting from a NPE
caused while accessing the underlying struts form to populate.
What makes me wonder is the fact that although the session expired the
request is passed through the ActionServlet, a population of the
ActionForm is attempted and of course not be completed since the session

including it's objects are already removed.

I would like to see a redirect to an error site that I specify in the
web.xml or struts-config.xml in that case. How do I ensure that
unauthenticated users or users with an expired session are redirected to

such a specified site?

TIA

Frank

JBoss 3.2.3
Tomcat 4.1.29 (integrated)
Struts 1.1
JDK 1.4.2_06
Windows XP

===========Stacktrace Start=========================
11:16:00,140 ERROR [Engine] StandardWrapperValve[action]:
Servlet.service() for servlet action threw exception
javax.servlet.ServletException: BeanUtils.populate
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1254)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcess
or.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:
254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActi
onServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurity
MgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.ja
va:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(Container
StatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:241
7)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAs
sociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577
)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:78
1)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processC
onnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:60
5)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:677)
at java.lang.Thread.run(Thread.java:534)
11:16:00,140 ERROR [Engine] ----- Root Cause -----
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
a:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
Impl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUt
ils.java:493)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUt
ils.java:428)
at
org.apache.commons.beanutils.PropertyUtils.getNestedProperty(PropertyUti
ls.java:770)
at
org.apache.commons.beanutils.PropertyUtils.getProperty(PropertyUtils.jav
a:801)
at
org.apache.commons.beanutils.BeanUtils.setProperty(BeanUtils.java:881)
at
org.apache.commons.beanutils.BeanUtils.populate(BeanUtils.java:808)
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1252)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcess
or.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:
254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActi
onServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurity
MgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.ja
va:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(Container
StatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:241
7)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAs
sociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577
)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:78
1)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processC
onnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:60
5)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:677)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.lang.NullPointerException
at
com.hannoverre.mmf.presentation.general.contract.ContractContentBaseForm
.getNotification(ContractContentBaseForm.java:2003)
... 57 more

===========Stacktrace End =========================


---------------------------------------------------------------------
To unsubscribe, e-mail: user-***@struts.apache.org
For additional commands, e-mail: user-***@struts.apache.org
Marco Mistroni
2005-05-23 11:03:30 UTC
Permalink
Hello,
Post by Frank Ratzlow
container. I just want to say, if your session expired, go to page xyz.
BTW: how can I determine via the API if a session expired? Is it possible
at all?
I m not 100% sure, but will an HttpSessionListener help here?



Regards

Frank




"Marco Mistroni" <***@waersystems.com>
23.05.2005 12:24
Bitte antworten an
"Struts Users Mailing List" <***@struts.apache.org>


An
"'Struts Users Mailing List'" <***@struts.apache.org>
Kopie

Thema
RE: howto redirect to login site after session expiration?






Hello,
Can't you use a ServletFilter that checks if user is in

the
session?
If it is not you will redirect the request to your loginpage.

Regards
marco

-----Original Message-----
From: Frank Ratzlow [mailto:***@adesso.de]
Sent: 23 May 2005 11:18
To: ***@struts.apache.org
Subject: howto redirect to login site after session expiration?

Hallo folks,

I encountered a strange behaviour regarding the population mechanics of
my
forms.

Following situation: I have my app running, the browser stays open with
a
html form to be filled. The http-session expires and the user submits
the
form to the server. The result is a http 500 error resulting from a NPE
caused while accessing the underlying struts form to populate.
What makes me wonder is the fact that although the session expired the
request is passed through the ActionServlet, a population of the
ActionForm is attempted and of course not be completed since the session

including it's objects are already removed.

I would like to see a redirect to an error site that I specify in the
web.xml or struts-config.xml in that case. How do I ensure that
unauthenticated users or users with an expired session are redirected to

such a specified site?

TIA

Frank

JBoss 3.2.3
Tomcat 4.1.29 (integrated)
Struts 1.1
JDK 1.4.2_06
Windows XP

===========Stacktrace Start=========================
11:16:00,140 ERROR [Engine] StandardWrapperValve[action]:
Servlet.service() for servlet action threw exception
javax.servlet.ServletException: BeanUtils.populate
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1254)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcess
or.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:
254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActi
onServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurity
MgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.ja
va:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(Container
StatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:241
7)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAs
sociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577
)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:78
1)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processC
onnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:60
5)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:677)
at java.lang.Thread.run(Thread.java:534)
11:16:00,140 ERROR [Engine] ----- Root Cause -----
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
a:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
Impl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUt
ils.java:493)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUt
ils.java:428)
at
org.apache.commons.beanutils.PropertyUtils.getNestedProperty(PropertyUti
ls.java:770)
at
org.apache.commons.beanutils.PropertyUtils.getProperty(PropertyUtils.jav
a:801)
at
org.apache.commons.beanutils.BeanUtils.setProperty(BeanUtils.java:881)
at
org.apache.commons.beanutils.BeanUtils.populate(BeanUtils.java:808)
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1252)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcess
or.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:
254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActi
onServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurity
MgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.ja
va:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(Container
StatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:241
7)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAs
sociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577
)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
80)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:78
1)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processC
onnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:60
5)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:677)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.lang.NullPointerException
at
com.hannoverre.mmf.presentation.general.contract.ContractContentBaseForm
.getNotification(ContractContentBaseForm.java:2003)
... 57 more

===========Stacktrace End =========================


---------------------------------------------------------------------
To unsubscribe, e-mail: user-***@struts.apache.org
For additional commands, e-mail: user-***@struts.apache.org
Andrew Thorell
2005-05-23 14:03:37 UTC
Permalink
This is what I use...

<logic:present ...>
-- main body here --
</logic:present>
<logic:notPresent name=...>
<logic:redirect ...>
</logic:notPresent>

Now if you're talking about the person filled out the form (or
whatever) and then let the session expire.. The first thing I would
check in the Validate Method would be to see if the session attribute
I put there when logging in was actually there. As for the NPE, I
debug based on trial and error sometimes and since I don't have your
full logic flow I can't give you a for certain answer, just
suggestions.


if ( request.getAttribute(" ") == null) //not sure what getAttribute
returns if nothing is there.
{
mapping.findForward("expired");
}


Hope this helps,


Andrew
Frank Ratzlow
2005-05-23 15:00:42 UTC
Permalink
Hi,

okay, but this leads to a solution where I do have to ensure a manuell
redirect to the appropriate site by tracking session attributes. I thought
that the container is maintaining a list of expired sessions (or at least
valid sessions to figure out invalid sessions), so that I can _configure_
(web.xml sounds like a good place) what to do in the case of an expired
session, means a session id stored in this list.
The problem with the NPE is a general prob that applies to all use cases
where the user leaves some input site open in the browser and tries to
submit it after the session timed out. The Struts framework finds no bean
with bean with the formname specified in <html:form ...> in the newly
created session so it creates a new one. Afterwards it tries to populate
the bean but the new ActionForm isn't initialized yet (object graph) so
all access to nested properties will result in a failure.

However, checking and handling expired session is IMHO very low level
stuff the container should do for me. Isn't it?

Regards

Frank



Andrew Thorell <***@gmail.com>
23.05.2005 16:03
Bitte antworten an
"Struts Users Mailing List" <***@struts.apache.org>


An
Struts Users Mailing List <***@struts.apache.org>
Kopie

Thema
Re: Antwort: RE: howto redirect to login site after session expiration?






This is what I use...

<logic:present ...>
-- main body here --
</logic:present>
<logic:notPresent name=...>
<logic:redirect ...>
</logic:notPresent>

Now if you're talking about the person filled out the form (or
whatever) and then let the session expire.. The first thing I would
check in the Validate Method would be to see if the session attribute
I put there when logging in was actually there. As for the NPE, I
debug based on trial and error sometimes and since I don't have your
full logic flow I can't give you a for certain answer, just
suggestions.


if ( request.getAttribute(" ") == null) //not sure what getAttribute
returns if nothing is there.
{
mapping.findForward("expired");
}


Hope this helps,


Andrew

---------------------------------------------------------------------
To unsubscribe, e-mail: user-***@struts.apache.org
For additional commands, e-mail: user-***@struts.apache.org
Andrew Thorell
2005-05-23 15:15:51 UTC
Permalink
In part you are correct. You can try doing this:

in web.xml

<error-page>
<error-code> 404 </error-code>
<location>/pages/error.jsp</location>
</error-page>

This goes after <servlet-mapping> and before any <taglib> declarations.

The 404 can be replaced with any html error code you wish (as far as I know).

I'm getting an NPE error right now and the error code is 500. So you
can probably put that up. I don't use it (currently) because I like to
see the stack traces live instead of using log files to debug, but
when I release the site I put up real error pages and use web.xml.


I'm using Jboss 4.0.1sp1, so I'm making my comments on that premise,
so I can't guarentee any of my hasty generalizations will work on your
web container.

Hope this helps,

Andrew
Dakota Jack
2005-05-23 15:11:18 UTC
Permalink
I am of the opinion that this is too specific a situation for a
framework to take over. I really get irritated when frameworks plug
in stuff that should be taken care of at the application level. I do
think that making code available for people that want a prepackaged
solution in a "plugin" or "application" area relating to a framework
makes sense. I have beaten this drum to death on this list, however,
with no positive response. As things are with Struts, many
application specific matters are covered (Struts upload, the
"dispatch" Action subclssses, etc.) but most (shopping cart, etc) are
not. I wish there were a set of policies and procedures on this, but
just get the usual rigamoroles when a discussion on this is attempted.
I sure would not want the framework to put something in on this, like
with file uploads, that we would then have to work around.
Post by Frank Ratzlow
Hi,
okay, but this leads to a solution where I do have to ensure a manuell
redirect to the appropriate site by tracking session attributes. I thought
that the container is maintaining a list of expired sessions (or at least
valid sessions to figure out invalid sessions), so that I can _configure_
(web.xml sounds like a good place) what to do in the case of an expired
session, means a session id stored in this list.
The problem with the NPE is a general prob that applies to all use cases
where the user leaves some input site open in the browser and tries to
submit it after the session timed out. The Struts framework finds no bean
with bean with the formname specified in <html:form ...> in the newly
created session so it creates a new one. Afterwards it tries to populate
the bean but the new ActionForm isn't initialized yet (object graph) so
all access to nested properties will result in a failure.
However, checking and handling expired session is IMHO very low level
stuff the container should do for me. Isn't it?
Regards
Frank
23.05.2005 16:03
Bitte antworten an
An
Kopie
Thema
Re: Antwort: RE: howto redirect to login site after session expiration?
This is what I use...
<logic:present ...>
-- main body here --
</logic:present>
<logic:notPresent name=...>
<logic:redirect ...>
</logic:notPresent>
Now if you're talking about the person filled out the form (or
whatever) and then let the session expire.. The first thing I would
check in the Validate Method would be to see if the session attribute
I put there when logging in was actually there. As for the NPE, I
debug based on trial and error sometimes and since I don't have your
full logic flow I can't give you a for certain answer, just
suggestions.
if ( request.getAttribute(" ") == null) //not sure what getAttribute
returns if nothing is there.
{
mapping.findForward("expired");
}
Hope this helps,
Andrew
---------------------------------------------------------------------
--
"You can lead a horse to water but you cannot make it float on its back."
~Dakota Jack~
Frank Ratzlow
2005-05-23 15:29:33 UTC
Permalink
okay, but handling sessions is nothing special for a certain framework. I
tend to place it some where in the container area itself, how to react on
this condition. All the feedback I got so far (thanx ;-)) leads to an own
implementation of session tracking, whatever it looks like. I was
convinced I could rely on some container capabilities.

Regards

Frank



Dakota Jack <***@gmail.com>
23.05.2005 17:11
Bitte antworten an
"Struts Users Mailing List" <***@struts.apache.org>


An
Struts Users Mailing List <***@struts.apache.org>
Kopie

Thema
Re: Re: Antwort: RE: howto redirect to login site after session
expiration?






I am of the opinion that this is too specific a situation for a
framework to take over. I really get irritated when frameworks plug
in stuff that should be taken care of at the application level. I do
think that making code available for people that want a prepackaged
solution in a "plugin" or "application" area relating to a framework
makes sense. I have beaten this drum to death on this list, however,
with no positive response. As things are with Struts, many
application specific matters are covered (Struts upload, the
"dispatch" Action subclssses, etc.) but most (shopping cart, etc) are
not. I wish there were a set of policies and procedures on this, but
just get the usual rigamoroles when a discussion on this is attempted.
I sure would not want the framework to put something in on this, like
with file uploads, that we would then have to work around.
Post by Frank Ratzlow
Hi,
okay, but this leads to a solution where I do have to ensure a manuell
redirect to the appropriate site by tracking session attributes. I thought
that the container is maintaining a list of expired sessions (or at least
valid sessions to figure out invalid sessions), so that I can
_configure_
Post by Frank Ratzlow
(web.xml sounds like a good place) what to do in the case of an expired
session, means a session id stored in this list.
The problem with the NPE is a general prob that applies to all use cases
where the user leaves some input site open in the browser and tries to
submit it after the session timed out. The Struts framework finds no bean
with bean with the formname specified in <html:form ...> in the newly
created session so it creates a new one. Afterwards it tries to populate
the bean but the new ActionForm isn't initialized yet (object graph) so
all access to nested properties will result in a failure.
However, checking and handling expired session is IMHO very low level
stuff the container should do for me. Isn't it?
Regards
Frank
23.05.2005 16:03
Bitte antworten an
An
Kopie
Thema
Re: Antwort: RE: howto redirect to login site after session expiration?
This is what I use...
<logic:present ...>
-- main body here --
</logic:present>
<logic:notPresent name=...>
<logic:redirect ...>
</logic:notPresent>
Now if you're talking about the person filled out the form (or
whatever) and then let the session expire.. The first thing I would
check in the Validate Method would be to see if the session attribute
I put there when logging in was actually there. As for the NPE, I
debug based on trial and error sometimes and since I don't have your
full logic flow I can't give you a for certain answer, just
suggestions.
if ( request.getAttribute(" ") == null) //not sure what getAttribute
returns if nothing is there.
{
mapping.findForward("expired");
}
Hope this helps,
Andrew
---------------------------------------------------------------------
--
"You can lead a horse to water but you cannot make it float on its back."
~Dakota Jack~

---------------------------------------------------------------------
To unsubscribe, e-mail: user-***@struts.apache.org
For additional commands, e-mail: user-***@struts.apache.org
Rick Reumann
2005-05-23 17:25:27 UTC
Permalink
Frank Ratzlow wrote the following on 5/23/2005 6:54 AM:
some of the actions) serve authorized and unauthorized users the same.
Post by Frank Ratzlow
Afaik if a user sends his first request a session will be created for him
(default behaviour). Additionally we invalidate a session when a user
authorizes and store his credentials etc. in a newly created one.
I'm not exactly sure what you mean above about the default behavior
creating a Sesion? I use a Filter to test for the Session and it works
fine...

in my doFilter(..) method...

HttpSession session = request.getSession(false);
if (session == null) {
response.sendRedirect(contextPath+"/sessionTimeOut.jsp");
return;
}

Why wouldn't something like the above work?

I also don't test certain paths with this filter so not all paths are
checked for a valid session (ie if they go right to the login page
obviously I don't want to test for a Session yet.)
--
Rick
Dakota Jack
2005-05-23 14:46:38 UTC
Permalink
If you keep a user object in session, just check at the beginning of
the Action whether it is still with you. If not, forward to a log on
page. I assume that will work for you. If you don't have a user
object in session, whether authorized or not, then you can put a
simple String iin session saying "live" to test the session.
Post by Frank Ratzlow
Hallo folks,
I encountered a strange behaviour regarding the population mechanics of my
forms.
Following situation: I have my app running, the browser stays open with a
html form to be filled. The http-session expires and the user submits the
form to the server. The result is a http 500 error resulting from a NPE
caused while accessing the underlying struts form to populate.
What makes me wonder is the fact that although the session expired the
request is passed through the ActionServlet, a population of the
ActionForm is attempted and of course not be completed since the session
including it's objects are already removed.
I would like to see a redirect to an error site that I specify in the
web.xml or struts-config.xml in that case. How do I ensure that
unauthenticated users or users with an expired session are redirected to
such a specified site?
TIA
Frank
JBoss 3.2.3
Tomcat 4.1.29 (integrated)
Struts 1.1
JDK 1.4.2_06
Windows XP
===========Stacktrace Start=========================
Servlet.service() for servlet action threw exception
javax.servlet.ServletException: BeanUtils.populate
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1254)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcessor.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActionServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(ContainerStatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:605)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:677)
at java.lang.Thread.run(Thread.java:534)
11:16:00,140 ERROR [Engine] ----- Root Cause -----
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUtils.java:493)
at
org.apache.commons.beanutils.PropertyUtils.getIndexedProperty(PropertyUtils.java:428)
at
org.apache.commons.beanutils.PropertyUtils.getNestedProperty(PropertyUtils.java:770)
at
org.apache.commons.beanutils.PropertyUtils.getProperty(PropertyUtils.java:801)
at
org.apache.commons.beanutils.BeanUtils.setProperty(BeanUtils.java:881)
at
org.apache.commons.beanutils.BeanUtils.populate(BeanUtils.java:808)
at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1252)
at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcessor.java:821)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:254)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at
com.hannoverre.mmf.presentation.general.MMFActionServlet.process(MMFActionServlet.java:126)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:220)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(ContainerStatsValve.java:76)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:65)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:605)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:677)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.lang.NullPointerException
at
com.hannoverre.mmf.presentation.general.contract.ContractContentBaseForm.getNotification(ContractContentBaseForm.java:2003)
... 57 more
===========Stacktrace End =========================
--
"You can lead a horse to water but you cannot make it float on its back."
~Dakota Jack~
Loading...