Search in sources :

Example 1 with ActionContext

use of com.opensymphony.xwork2.ActionContext in project KeyBox by skavanagh.

the class HTTPStrictTransportSecurityInterceptor method intercept.

@Override
public String intercept(ActionInvocation invocation) throws Exception {
    ActionContext context = invocation.getInvocationContext();
    HttpServletResponse response = (HttpServletResponse) context.get(StrutsStatics.HTTP_RESPONSE);
    String headerValue = MAX_AGE + ONE_YEAR;
    response.addHeader(HEADER, headerValue);
    return invocation.invoke();
}
Also used : HttpServletResponse(javax.servlet.http.HttpServletResponse) ActionContext(com.opensymphony.xwork2.ActionContext)

Example 2 with ActionContext

use of com.opensymphony.xwork2.ActionContext in project entando-core by entando.

the class ApsAdminBaseTestCase method executeAction.

protected String executeAction() throws Throwable {
    ActionContext ac = this._proxy.getInvocation().getInvocationContext();
    ac.setParameters(HttpParameters.create(this._request.getParameterMap()).build());
    ac.getParameters().appendAll(this._parameters);
    String result = this._proxy.execute();
    return result;
}
Also used : ActionContext(com.opensymphony.xwork2.ActionContext) ServletActionContext(org.apache.struts2.ServletActionContext)

Example 3 with ActionContext

use of com.opensymphony.xwork2.ActionContext in project bamboobsc by billchen198318.

the class UserLoginInterceptor method intercept.

@Override
public String intercept(ActionInvocation actionInvocation) throws Exception {
    ActionContext actionContext = actionInvocation.getInvocationContext();
    Map<String, Object> session = actionContext.getSession();
    this.accountObj = (AccountObj) session.get(Constants.SESS_ACCOUNT);
    boolean fromCookieCheckOrRetySubjectLogin = false;
    // 有 sysCurrentId 的 cookie, 但用這個cookie資料count tb_sys_usess 又與 core-web 的資料不符
    boolean getUserCurrentCookieFail = false;
    String contextPath = ServletActionContext.getServletContext().getContextPath();
    if (!contextPath.endsWith(ApplicationSiteUtils.getContextPathFromMap(Constants.getMainSystem()))) {
        /**
			 * 1. 先用admin登入
			 * 2. 登出admin 改用 tester登入
			 * 這樣的話 gsbsc-web 的 http-session 還是admin , 所以非core-web 要檢查當前CURRENT cookie 中的帳戶是否與 gsbsc-web 一樣
			 * 要是不同的話就讓這個 http-session 失效掉
			 */
        this.invalidCurrentSessionForDifferentAccount(actionContext);
        SecurityUtils.setSecurityManager((DefaultSecurityManager) AppContext.getBean("securityManager"));
        Subject subject = SecurityUtils.getSubject();
        if (accountObj == null) {
            fromCookieCheckOrRetySubjectLogin = getUserCurrentCookie(actionContext);
            if (!fromCookieCheckOrRetySubjectLogin && UserCurrentCookie.foundCurrent((HttpServletRequest) actionContext.get(StrutsStatics.HTTP_REQUEST))) {
                // 有 sysCurrentId 的 cookie, 但用這個cookie資料count tb_sys_usess 又與 core-web 的資料不符
                getUserCurrentCookieFail = true;
            }
        }
        if (accountObj != null && !subject.isAuthenticated()) {
            fromCookieCheckOrRetySubjectLogin = true;
        }
    }
    if (accountObj != null && !StringUtils.isBlank(accountObj.getAccount())) {
        if (uSessLogHelper.countByAccount(accountObj.getAccount()) < 1) {
            return this.redirectLogin(session, getUserCurrentCookieFail);
        }
        if (fromCookieCheckOrRetySubjectLogin) {
            // core-web 有 session了, 但gsbsc-web 沒有session, 所以產生gsbsc-web 的 http session		
            SecurityUtils.setSecurityManager((DefaultSecurityManager) AppContext.getBean("securityManager"));
            Subject subject = SecurityUtils.getSubject();
            GreenStepBaseUsernamePasswordToken token = new GreenStepBaseUsernamePasswordToken();
            token.setRememberMe(false);
            token.setCaptcha("");
            token.setUsername(accountObj.getAccount());
            token.setPassword(((AccountVO) accountObj).getPassword().toCharArray());
            if (!subject.isAuthenticated()) {
                subject.login(token);
            }
            UserAccountHttpSessionSupport.create(actionContext, accountObj);
        }
        return actionInvocation.invoke();
    }
    return this.redirectLogin(session, getUserCurrentCookieFail);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) GreenStepBaseUsernamePasswordToken(com.netsteadfast.greenstep.sys.GreenStepBaseUsernamePasswordToken) ActionContext(com.opensymphony.xwork2.ActionContext) ServletActionContext(org.apache.struts2.ServletActionContext) AccountVO(com.netsteadfast.greenstep.vo.AccountVO) Subject(org.apache.shiro.subject.Subject)

Example 4 with ActionContext

use of com.opensymphony.xwork2.ActionContext in project bamboobsc by billchen198318.

the class NoCacheHeaderInterceptor method intercept.

@Override
public String intercept(ActionInvocation actionInvocation) throws Exception {
    ActionContext context = actionInvocation.getInvocationContext();
    HttpServletResponse response = (HttpServletResponse) context.get(StrutsStatics.HTTP_RESPONSE);
    if (response != null) {
        response.setHeader("Cache-control", "no-cache, no-store");
        response.setHeader("Pragma", "no-cache");
        response.setHeader("Expires", "0");
    }
    return actionInvocation.invoke();
}
Also used : HttpServletResponse(javax.servlet.http.HttpServletResponse) ActionContext(com.opensymphony.xwork2.ActionContext)

Example 5 with ActionContext

use of com.opensymphony.xwork2.ActionContext in project onebusaway-application-modules by camsys.

the class TextmarksSessionInterceptor method intercept.

@Override
public String intercept(ActionInvocation invocation) throws Exception {
    processGoogleAnalytics();
    ActionContext context = invocation.getInvocationContext();
    Map<String, Object> parameters = context.getParameters();
    Object phoneNumber = parameters.get(_phoneNumberParameterName);
    if (phoneNumber == null)
        return invocation.invoke();
    if (phoneNumber instanceof String[]) {
        String[] values = (String[]) phoneNumber;
        if (values.length == 0)
            return invocation.invoke();
        phoneNumber = values[0];
    }
    String sessionId = phoneNumber.toString();
    Map<String, Object> persistentSession = _sessionManager.getContext(sessionId);
    Map<String, Object> originalSession = context.getSession();
    context.setSession(persistentSession);
    XWorkRequestAttributes attributes = new XWorkRequestAttributes(context, sessionId);
    RequestAttributes originalAttributes = RequestContextHolder.getRequestAttributes();
    RequestContextHolder.setRequestAttributes(attributes);
    Object action = invocation.getAction();
    if (action instanceof SessionAware)
        ((SessionAware) action).setSession(persistentSession);
    try {
        return invocation.invoke();
    } finally {
        RequestContextHolder.setRequestAttributes(originalAttributes);
        context.setSession(originalSession);
    }
}
Also used : SessionAware(org.apache.struts2.interceptor.SessionAware) XWorkRequestAttributes(org.onebusaway.presentation.impl.users.XWorkRequestAttributes) XWorkRequestAttributes(org.onebusaway.presentation.impl.users.XWorkRequestAttributes) RequestAttributes(org.springframework.web.context.request.RequestAttributes) ActionContext(com.opensymphony.xwork2.ActionContext)

Aggregations

ActionContext (com.opensymphony.xwork2.ActionContext)32 ValueStack (com.opensymphony.xwork2.util.ValueStack)15 AgiActionName (org.onebusaway.probablecalls.AgiActionName)7 ActionProxy (com.opensymphony.xwork2.ActionProxy)6 ServletActionContext (org.apache.struts2.ServletActionContext)6 ActionInvocation (com.opensymphony.xwork2.ActionInvocation)5 List (java.util.List)5 HttpServletResponse (javax.servlet.http.HttpServletResponse)5 HashMap (java.util.HashMap)4 Locale (java.util.Locale)4 Map (java.util.Map)4 HttpServletRequest (javax.servlet.http.HttpServletRequest)4 XWorkRequestAttributes (org.onebusaway.presentation.impl.users.XWorkRequestAttributes)3 StopBean (org.onebusaway.transit_data.model.StopBean)3 IOException (java.io.IOException)2 SessionAware (org.apache.struts2.interceptor.SessionAware)2 Test (org.junit.Test)2 BookmarkWithStopsBean (org.onebusaway.presentation.model.BookmarkWithStopsBean)2 NameBean (org.onebusaway.transit_data.model.NameBean)2 RouteBean (org.onebusaway.transit_data.model.RouteBean)2