5

I am trying to access session object from within my interceptor by implementing SessionAware interface (I've implemented the setSession method), but I am not able to get my session object this way.

Then I tried ActionContext.getContext().getSession() and I am able to get the session, but I don't know but its coming out to be empty for only the first time in every browser for every user & then it comes filled when another action is invoked.

I assume there is something wrong going with the session. Why is it giving me an empty session only for the first time? Does it set something only after giving empty session for the first time?

If this is the case then everyone will be shown as guest on their first request & then with a username on their 2nd request & hence forth.

Or am I getting the session in the wrong way?

I saw code to get sessions in interceptors, but this does not work for me as it cannot find the constant HTTP_REQUEST. 

final ActionContext context = invocation.getInvocationContext();

HttpServletRequest request = (HttpServletRequest) context.get(HTTP_REQUEST);

HttpSession session = request.getSession(true);

Object user = session.getAttribute(Constants.USER_HANDLE);

Any suggestion on resolving any of the problems?

Something I forgot to mention - my website is a secure site(https), so if the user is not logged in, it would not let him enter the website & if he is logged in, at least his username should be there in the session. Shouldn't it be?

Dave Newton
  • 158,873
  • 26
  • 254
  • 302
Sachin Midha
  • 1,068
  • 2
  • 8
  • 11
  • You need to provide more details on when the username is placed into the session. How is the login being handled? – Steven Benitez Aug 14 '11 at 19:51
  • The kerberos username is being placed inside the session by servlet-config interceptor. But it is placing it only on the 2nd request & this is causing me a problem... – Sachin Midha Aug 16 '11 at 03:09
  • 1
    `ServletConfigInterceptor` sets values on actions but does not put anything in session. As it stands, your question does not provide enough information for me to help you. Does the `HttpServletRequest.getUserPrincipal()` contain the information about the user that you need? – Steven Benitez Aug 16 '11 at 03:27
  • ok. But I am getting these values on the 2nd action invocation inside my session. How am I getting that?servlet-config must be putting it during/after the execution of action, can it be? I'll check with getUserPrincipal() and let you know. But will this userPrincipal be set before execution reaches any action? – Sachin Midha Aug 16 '11 at 03:49
  • Don't take my word for it, look at the source of `ServletConfigInterceptor`. It doesn't put anything in session. It just injects various things into your action. :) And yes, the user principal should be set prior to your action being invoked. – Steven Benitez Aug 16 '11 at 16:12

5 Answers5

3

I have an interceptor that also grabs the session as a map. Have you tried something like this? This works for me.

public String intercept( ActionInvocation actionInvocation ) throws Exception {
    Map session = actionInvocation.getInvocationContext().getSession();
Shawn D.
  • 7,895
  • 8
  • 35
  • 47
1

You can use the following to return the HttpSession -- and create it if it doesn't exist.

HttpSession session = ServletActionContext.getRequest().getSession(true);

If you need the Map instead, then you can just call this right after that last call (since you passed true, the session would have been created and the next call will return a blank session map).

Map<String, Object> session = ActionContext.getContext().getSession();

Alternatively, you can use the CreateSessionInterceptor early in your stack so that the session is created by the time you need it. Then just use the map example above to get it.

FYI: ServletActionContext is a subclass of ActionContext that just has convenience methods for getting the request and response without needing to use the constants like you were trying in your example.

Steven Benitez
  • 10,936
  • 3
  • 39
  • 50
  • Yes I can create a session, but this is not something I can do in my case. I need to get the kerberos username from the session, thus creating a session would be of no use to me. I hope you get my point. – Sachin Midha Aug 12 '11 at 17:46
  • What is placing the kerberos username into the session? – Steven Benitez Aug 12 '11 at 19:38
  • shouldn't it be there if the user is logged in? I get the username automatically on the second action invocation, and I haven't done anything to place it on the 2nd request. – Sachin Midha Aug 14 '11 at 05:47
  • No, things don't just appear in your session. You have to put them there. – Steven Benitez Aug 14 '11 at 19:50
  • Ok. So how does the username come inside my session on the second request? Something must be setting it there & its not me. So how do I get to know what is setting it there? Also, the username is not even coming from request.getUser() method. Then how do I get the kerberos username? – Sachin Midha Aug 15 '11 at 06:56
0

Try this. It worked for me in struts 2.0.14.

public String intercept(ActionInvocation ai) throws Exception {

     Map session = ActionContext.getContext().getSession();
Prabhakar Manthena
  • 2,223
  • 3
  • 16
  • 30
0

You can get the session on Interceptor using ActionContext itself...refer the following code snippet:

SessionMap<String, Object> session = ActionContext.getContext().getSession();

or alternatively you can follow this approach: The request is available on the ActionContext instance, which is made available via ThreadLocal.

HttpServletRequest request = ServletActionContext.getRequest();
HttpSession session = request.getSession(true);
Pravin Mandge
  • 1
  • 2
-1

Add the import:

import org.apache.struts2.StrutsStatics;
Serjik
  • 10,543
  • 8
  • 61
  • 70
abc
  • 1