use of com.opensymphony.xwork2.ActionInvocation in project KeyBox by skavanagh.
the class HTTPStrictTransportSecurityInterceptor method intercept.
@Override
public String intercept(ActionInvocation invocation) throws Exception {
ActionContext context = invocation.getInvocationContext();
HttpServletResponse response = (HttpServletResponse) context.get(StrutsStatics.HTTP_RESPONSE);
String headerValue = MAX_AGE + ONE_YEAR;
response.addHeader(HEADER, headerValue);
return invocation.invoke();
}
use of com.opensymphony.xwork2.ActionInvocation in project bamboobsc by billchen198318.
the class UserLoginInterceptor method intercept.
@Override
public String intercept(ActionInvocation actionInvocation) throws Exception {
ActionContext actionContext = actionInvocation.getInvocationContext();
Map<String, Object> session = actionContext.getSession();
this.accountObj = (AccountObj) session.get(Constants.SESS_ACCOUNT);
boolean fromCookieCheckOrRetySubjectLogin = false;
// 有 sysCurrentId 的 cookie, 但用這個cookie資料count tb_sys_usess 又與 core-web 的資料不符
boolean getUserCurrentCookieFail = false;
String contextPath = ServletActionContext.getServletContext().getContextPath();
if (!contextPath.endsWith(ApplicationSiteUtils.getContextPathFromMap(Constants.getMainSystem()))) {
/**
* 1. 先用admin登入
* 2. 登出admin 改用 tester登入
* 這樣的話 gsbsc-web 的 http-session 還是admin , 所以非core-web 要檢查當前CURRENT cookie 中的帳戶是否與 gsbsc-web 一樣
* 要是不同的話就讓這個 http-session 失效掉
*/
this.invalidCurrentSessionForDifferentAccount(actionContext);
SecurityUtils.setSecurityManager((DefaultSecurityManager) AppContext.getBean("securityManager"));
Subject subject = SecurityUtils.getSubject();
if (accountObj == null) {
fromCookieCheckOrRetySubjectLogin = getUserCurrentCookie(actionContext);
if (!fromCookieCheckOrRetySubjectLogin && UserCurrentCookie.foundCurrent((HttpServletRequest) actionContext.get(StrutsStatics.HTTP_REQUEST))) {
// 有 sysCurrentId 的 cookie, 但用這個cookie資料count tb_sys_usess 又與 core-web 的資料不符
getUserCurrentCookieFail = true;
}
}
if (accountObj != null && !subject.isAuthenticated()) {
fromCookieCheckOrRetySubjectLogin = true;
}
}
if (accountObj != null && !StringUtils.isBlank(accountObj.getAccount())) {
if (uSessLogHelper.countByAccount(accountObj.getAccount()) < 1) {
return this.redirectLogin(session, getUserCurrentCookieFail);
}
if (fromCookieCheckOrRetySubjectLogin) {
// core-web 有 session了, 但gsbsc-web 沒有session, 所以產生gsbsc-web 的 http session
SecurityUtils.setSecurityManager((DefaultSecurityManager) AppContext.getBean("securityManager"));
Subject subject = SecurityUtils.getSubject();
GreenStepBaseUsernamePasswordToken token = new GreenStepBaseUsernamePasswordToken();
token.setRememberMe(false);
token.setCaptcha("");
token.setUsername(accountObj.getAccount());
token.setPassword(((AccountVO) accountObj).getPassword().toCharArray());
if (!subject.isAuthenticated()) {
subject.login(token);
}
UserAccountHttpSessionSupport.create(actionContext, accountObj);
}
return actionInvocation.invoke();
}
return this.redirectLogin(session, getUserCurrentCookieFail);
}
use of com.opensymphony.xwork2.ActionInvocation in project bamboobsc by billchen198318.
the class NoCacheHeaderInterceptor method intercept.
@Override
public String intercept(ActionInvocation actionInvocation) throws Exception {
ActionContext context = actionInvocation.getInvocationContext();
HttpServletResponse response = (HttpServletResponse) context.get(StrutsStatics.HTTP_RESPONSE);
if (response != null) {
response.setHeader("Cache-control", "no-cache, no-store");
response.setHeader("Pragma", "no-cache");
response.setHeader("Expires", "0");
}
return actionInvocation.invoke();
}
use of com.opensymphony.xwork2.ActionInvocation in project bamboobsc by billchen198318.
the class BaseSimpleActionInfo method handlerActionAnnotations.
public void handlerActionAnnotations() {
if (this.actionAnnotations != null) {
return;
}
ActionInvocation actionInvocation = ActionContext.getContext().getActionInvocation();
this.actionAnnotations = actionInvocation.getAction().getClass().getAnnotations();
Method[] methods = actionInvocation.getAction().getClass().getMethods();
for (Method method : methods) {
if (this.actionMethodName.equals(method.getName())) {
this.actionMethodAnnotations = method.getAnnotations();
}
}
}
use of com.opensymphony.xwork2.ActionInvocation in project dhis2-core by dhis2.
the class LoginInterceptor method intercept.
@Override
public String intercept(ActionInvocation invocation) throws Exception {
Boolean jli = (Boolean) ServletActionContext.getRequest().getSession().getAttribute(LoginInterceptor.JLI_SESSION_VARIABLE);
if (jli != null) {
log.debug("JLI marker is present. Running " + actions.size() + " JLI actions.");
for (Action a : actions) {
a.execute();
}
ServletActionContext.getRequest().getSession().removeAttribute(LoginInterceptor.JLI_SESSION_VARIABLE);
}
return invocation.invoke();
}
Aggregations