How to handle Action's form data that is not coming from JSP in Struts 2?

Question

I have a form in search.jsp

<s:form name="employeeSearchForm" action="searchAction" method="post">
    <s:textfield name="id" label="Employee ID"/>
    <s:textfield name="name" label="Employee Name"/>
    <s:submit/>
</s:form>

In struts.xml

<package name="example" namespace="/" extends="default">

    <action name="searchAction" class="example.SearchAction">
        <result>/example/search.jsp</result>
    </action>

</package>

Then the SearchAction class

public class SearchAction extends ActionSupport {

    private String id;
    private String name;

    @Override
    public String execute() throws Exception {

        if ("".equals(id.trim())) {    //#1

        ...

    }

    ...
}

See the #1 line code, if I clicked submit button from the Form in search.jsp, the id field will not be null, but if I open http://127.0.0.1:8080/myapps/searchAction.action directly, id field will be null.

In this case, I can use field check in SearchAction.exeucte(), e.g. if (id != null) , but I doubt if it's the most elegant way.

Anyone can suggest better way?

score 1 · Accepted Answer · answered Nov 11 '12 at 11:09

1

private String id=""; \quick fix.

But app shouldn't allow the user hitting the action directly user should be authenticated and/or authorized before.

answered Nov 11 '12 at 11:09

MohanaRao SV

1,117
1
8
22

Thanks, it works. How to authenticate user or prevent user hitting action directly? I'm curious. – null Nov 11 '12 at 12:19

score 0 · Answer 2 · answered Nov 11 '12 at 12:20

0

In web environment it is usually hard to tell whether user provided input or not (empty vs null). In your case you can validate values using Struts2 validation http://struts.apache.org/2.x/docs/validation.html.

answered Nov 11 '12 at 12:20

Aleksandr M

24,264
12
69
143

How to handle Action's form data that is not coming from JSP in Struts 2?

2 Answers2