use of com.opensymphony.xwork2.ActionContext in project KeyBox by skavanagh.
the class HTTPStrictTransportSecurityInterceptor method intercept.
@Override
public String intercept(ActionInvocation invocation) throws Exception {
ActionContext context = invocation.getInvocationContext();
HttpServletResponse response = (HttpServletResponse) context.get(StrutsStatics.HTTP_RESPONSE);
String headerValue = MAX_AGE + ONE_YEAR;
response.addHeader(HEADER, headerValue);
return invocation.invoke();
}
use of com.opensymphony.xwork2.ActionContext in project entando-core by entando.
the class ApsAdminBaseTestCase method executeAction.
protected String executeAction() throws Throwable {
ActionContext ac = this._proxy.getInvocation().getInvocationContext();
ac.setParameters(HttpParameters.create(this._request.getParameterMap()).build());
ac.getParameters().appendAll(this._parameters);
String result = this._proxy.execute();
return result;
}
use of com.opensymphony.xwork2.ActionContext in project bamboobsc by billchen198318.
the class UserLoginInterceptor method intercept.
@Override
public String intercept(ActionInvocation actionInvocation) throws Exception {
ActionContext actionContext = actionInvocation.getInvocationContext();
Map<String, Object> session = actionContext.getSession();
this.accountObj = (AccountObj) session.get(Constants.SESS_ACCOUNT);
boolean fromCookieCheckOrRetySubjectLogin = false;
// 有 sysCurrentId 的 cookie, 但用這個cookie資料count tb_sys_usess 又與 core-web 的資料不符
boolean getUserCurrentCookieFail = false;
String contextPath = ServletActionContext.getServletContext().getContextPath();
if (!contextPath.endsWith(ApplicationSiteUtils.getContextPathFromMap(Constants.getMainSystem()))) {
/**
* 1. 先用admin登入
* 2. 登出admin 改用 tester登入
* 這樣的話 gsbsc-web 的 http-session 還是admin , 所以非core-web 要檢查當前CURRENT cookie 中的帳戶是否與 gsbsc-web 一樣
* 要是不同的話就讓這個 http-session 失效掉
*/
this.invalidCurrentSessionForDifferentAccount(actionContext);
SecurityUtils.setSecurityManager((DefaultSecurityManager) AppContext.getBean("securityManager"));
Subject subject = SecurityUtils.getSubject();
if (accountObj == null) {
fromCookieCheckOrRetySubjectLogin = getUserCurrentCookie(actionContext);
if (!fromCookieCheckOrRetySubjectLogin && UserCurrentCookie.foundCurrent((HttpServletRequest) actionContext.get(StrutsStatics.HTTP_REQUEST))) {
// 有 sysCurrentId 的 cookie, 但用這個cookie資料count tb_sys_usess 又與 core-web 的資料不符
getUserCurrentCookieFail = true;
}
}
if (accountObj != null && !subject.isAuthenticated()) {
fromCookieCheckOrRetySubjectLogin = true;
}
}
if (accountObj != null && !StringUtils.isBlank(accountObj.getAccount())) {
if (uSessLogHelper.countByAccount(accountObj.getAccount()) < 1) {
return this.redirectLogin(session, getUserCurrentCookieFail);
}
if (fromCookieCheckOrRetySubjectLogin) {
// core-web 有 session了, 但gsbsc-web 沒有session, 所以產生gsbsc-web 的 http session
SecurityUtils.setSecurityManager((DefaultSecurityManager) AppContext.getBean("securityManager"));
Subject subject = SecurityUtils.getSubject();
GreenStepBaseUsernamePasswordToken token = new GreenStepBaseUsernamePasswordToken();
token.setRememberMe(false);
token.setCaptcha("");
token.setUsername(accountObj.getAccount());
token.setPassword(((AccountVO) accountObj).getPassword().toCharArray());
if (!subject.isAuthenticated()) {
subject.login(token);
}
UserAccountHttpSessionSupport.create(actionContext, accountObj);
}
return actionInvocation.invoke();
}
return this.redirectLogin(session, getUserCurrentCookieFail);
}
use of com.opensymphony.xwork2.ActionContext in project bamboobsc by billchen198318.
the class NoCacheHeaderInterceptor method intercept.
@Override
public String intercept(ActionInvocation actionInvocation) throws Exception {
ActionContext context = actionInvocation.getInvocationContext();
HttpServletResponse response = (HttpServletResponse) context.get(StrutsStatics.HTTP_RESPONSE);
if (response != null) {
response.setHeader("Cache-control", "no-cache, no-store");
response.setHeader("Pragma", "no-cache");
response.setHeader("Expires", "0");
}
return actionInvocation.invoke();
}
use of com.opensymphony.xwork2.ActionContext in project onebusaway-application-modules by camsys.
the class TextmarksSessionInterceptor method intercept.
@Override
public String intercept(ActionInvocation invocation) throws Exception {
processGoogleAnalytics();
ActionContext context = invocation.getInvocationContext();
Map<String, Object> parameters = context.getParameters();
Object phoneNumber = parameters.get(_phoneNumberParameterName);
if (phoneNumber == null)
return invocation.invoke();
if (phoneNumber instanceof String[]) {
String[] values = (String[]) phoneNumber;
if (values.length == 0)
return invocation.invoke();
phoneNumber = values[0];
}
String sessionId = phoneNumber.toString();
Map<String, Object> persistentSession = _sessionManager.getContext(sessionId);
Map<String, Object> originalSession = context.getSession();
context.setSession(persistentSession);
XWorkRequestAttributes attributes = new XWorkRequestAttributes(context, sessionId);
RequestAttributes originalAttributes = RequestContextHolder.getRequestAttributes();
RequestContextHolder.setRequestAttributes(attributes);
Object action = invocation.getAction();
if (action instanceof SessionAware)
((SessionAware) action).setSession(persistentSession);
try {
return invocation.invoke();
} finally {
RequestContextHolder.setRequestAttributes(originalAttributes);
context.setSession(originalSession);
}
}
Aggregations