Redirect to another action in an interceptor in struts 2

Question

I am currently in the process of learning Struts 2 and I am currently building a simple application where unverified users are redirected to a login form.

I have a login form and action functional which takes the users credentials, verifies them and stores a User object in the session however I am now trying to prevent access to pages before the login has taken place and I am trying to do this with an interceptor.

My problem is that I have written an interceptor that checks whether the User object has been saved in the session but if it has not I want to redirect to the login page and can't find any way of doing this without bypassing struts and using the HttpServletResponse.sendRedirect method

Configuration:

<package name="mypackage" extends="struts-default" namespace="/admin">

    <interceptors>
        <interceptor name="login" class="my.LoginInterceptor" />
    </interceptors>

    <default-interceptor-ref name="login"/>

    <action name="login" class="my.LoginAction">
        <result name="input">/admin/login.jsp</result>
        <result name="success" type="redirect">/admin</result>
    </action>

    <action name="private" class="my.PrivateAction">
        <result>/admin/private.jsp</result>
    </action>

</package>

The interceptor code:

@Override
public String intercept(ActionInvocation inv) throws Exception {

    Map<String, Object> session = inv.getInvocationContext().getSession();

    Object user = session.get("user");
    if(user == null) {

                      // redirect to the 'login' action here            

    }
    else {
        return inv.invoke();
    }

}

Answer 1

The standard way is to return a special global result (eg "login") and define a global mapping from that result to your admin/login.jsp. So you just must add this line:

if(user == null) {
      return "login";
}

And in your struts.xml:

<global-results>
   <result name="login">/admin/login.jsp</result>
</global-results>

BTW, I'm afraid that you are replacing the default Struts2 interceptor stack with your single interceptor, normally you want to add your interceptor to the stack. Eg:

<interceptors>
 <interceptor name="login" class="my.LoginInterceptor" />

 <interceptor-stack name="stack-with-login">
  <interceptor-ref name="login"/>
  <interceptor-ref name="defaultStack"/>
 </interceptor-stack>
</interceptors>
<default-interceptor-ref name="stack-with-login"/>

BTW2: You must NOT apply the interceptor to your login action, of course.

Answer 2

You can find the complete example of struts2 with a custom Login Interceptor here

http://sandeepbhardwaj.github.io/2010/12/01/struts2-with-login-interceptor.html

great tutorial.

Answer 3

If you need to use send redirect, return null to avoid this problem (example redirecting from www.domain.com to domain.com):

public String intercept(final ActionInvocation invocation) throws Exception {

    String url=RequestUtil.getURLWithParams();  //you should implement this
    int index=url.indexOf("www");
    if (index!=-1 && index<10) {
        //Note: <10 to check that the www is in the domain main url
        //https://localhost:8443/mycontext/myaction.action?oneparam=http://www.youtube.com/user/someuser
        String redirection=url.replaceFirst("www\\.", ""); 
        LOG.debug("Redirection from "+url+" to "+redirection);
        RequestUtil.getResponse().setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
        RequestUtil.getResponse().sendRedirect(redirection);
        return null;
    }
    return invocation.invoke();
}