Link to home
Start Free TrialLog in
Avatar of curious81
curious81

asked on

Problem in getting form based authentication with weblogic and struts

Hi,
   I am working on an application. It is using Weblogic as app server and struts framework. I am trying to use form based authentication to authenticate users at the presentation tier. I am having issues getting FBA working using struts, although I am able to make it working if I am not using struts. I will put some code snippets here to explain how it is not working with struts:

jsp:
 <html:form name="loginForm" method="post" action="j_security_check" type="com.org.project.form.LoginForm" onSubmit="javascript:clicked(this)">
    <td width="292" valign="top"><p><img src="../public/images/tcc/existing_pv_user.gif" width="291" height="43"></p>
      <table width="85%"  border="0" align="center" cellpadding="2" cellspacing="0">
      <tr>
        <td colspan="2" class="body"><strong>Username:</strong></td>
        </tr><tr> <td colspan="2">
<html:text property="j_username" size="42"/>
</td> </tr> <tr>
   <td colspan="2" class="body"><strong>Password:</strong></td>
   </tr> <tr> <td colspan="2">
<html:password property="j_password" size="42"/>

struts config looks like:
        <action
            path="j_security_check"
            type="com.org.project.action.LoginAction"
            name="loginForm"
            scope="session">
<forward name="success" path="/html-jsp/welcome.jsp"/>            
        </action>  

        <form-bean
            name="loginForm"
            type="com.org.project.form.LoginForm">
       </form-bean>

The error I get when I run this:
javax.servlet.jsp.JspException: Cannot retrieve mapping for action /j_security_check
      at org.apache.struts.taglib.html.FormTag.lookup(FormTag.java:810)
      at org.apache.struts.taglib.html.FormTag.doStartTag(FormTag.java:506)
      at jsp_servlet._html_45_jsp.__epvlogin._jsp__tag2(__epvlogin.java:211)
      at jsp_servlet._html_45_jsp.__epvlogin._jsp__tag0(__epvlogin.java:152)
      at jsp_servlet._html_45_jsp.__epvlogin._jspService(__epvlogin.java:116)
      at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)

If I put /j_security_check in struts-config, i dont get the error, but then the form based authentication does not work because it uses j_security_check as a keyword. It appends /context-name/j_security_check.do in the view siurce if I put a slash in the struts-config.xml.

I am confident that web.xml and weblogic.xml entries are correct because form based authentication works if I do not use struts in the jsp. Has anyone faced this problem when using form based authentication with struts?

Thanks!
ASKER CERTIFIED SOLUTION
Avatar of ECollin
ECollin

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of curious81
curious81

ASKER

Thanks,
I could not use struts if I was using JAAS form based authentication!
Hi Curious81,

I am in exact same situation as you are with struts-tags in login page and struts-config.xml.

I also want to use JAAS form based authentication. Did you have to compromise by not using struts tags in form but just the use basic html tags? But what if we want to submit the request of j_security_check to some Struts-action class? If we use plain html then its not using the hiddne variable to go certain struts actionclass's method. I am attaching my code:
Login.jsp
 
<%@ taglib prefix="bean" uri="http://struts.apache.org/tags-bean" %>
<%@ taglib prefix="html" uri="http://struts.apache.org/tags-html" %>
 
<html:html>
  <head>  
    <title><bean:message key="gcc.title"/></title>
    
  </head>
   <body onload="document.LoginForm.j_username.focus();">    
       <table>
          <tr>
            <td width="320" height="240">
                <bean:message key="gcc.title"/> 
            </td>        
          </tr>
        </table>        
        
        <html:form action="j_security_check">
            <p>
                <label>Login ID:</label>
                <html:text property="j_username" maxlength="32" size="26" />
            </p>
            <p>
                <label>Password:</label>
                <html:text property="j_password" maxlength="32" size="26" />
             </p>
            
            <p>
                <html:hidden property="method" value="goToCurrentUserPage"/>
                <html:submit property="Login" value="Login" />
            </p>                    
        </html:form>
  </body>
</html:html>
 
 
Struts-config.xml
 
<action-mappings>
    <action path="/j_security_check"
            name="LoginForm"
            scope="session"
            type="org.nexweb.qol.gcc.actions.GeneralDispatchAction"                              
            parameter="method"
            input="/WEB-INF/jsp/login.jsp"
            validate="false">
      <forward name="mvro" path="/WEB-INF/jsp/mvroUser.jsp"/>
      <forward name="tax" path="/WEB-INF/jsp/taxUser.jsp"/>
      <forward name="nex" path="/WEB-INF/jsp/nexUser.jsp"/>
    </action>
 
Action class:
 
public class GeneralDispatchAction extends DispatchAction
{
    private static final Logger logger =
        Logger.getLogger(GeneralDispatchAction.class);    
        
    public ActionForward goToCurrentUserPage(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception
    {
        logger.info("Entered goToCurrentUserPage()");
        List userRoles = GCCUtil.getUserRoles(request);
        String currentUserRole = "";
        ActionForward forward = null;
        for (int i = 0; i < userRoles.size(); i++)
        {
            String roleFromList = (userRoles.get(i)).toString();
            if(request.isUserInRole(roleFromList)) 
            {
                currentUserRole = roleFromList;
                break;
            }
        }    
        System.out.println("currentUserRole " + currentUserRole);
        logger.info("currentUserRole " + currentUserRole);
        if (StringUtils.isNotBlank(currentUserRole))
        {
           (request.getSession()).setAttribute("currentUserRole", currentUserRole);
            if (StringUtils.equals(GCCUtil.MVRO_CLERK, currentUserRole)
                || (StringUtils.equals(GCCUtil.MVRO_SUPV, currentUserRole)))
            {
                forward = mapping.findForward("mvro");  
            }
            else if (StringUtils.equals(GCCUtil.TAX_CLERK, currentUserRole))                 
            {
                forward = mapping.findForward("tax");
            }
            else if ((StringUtils.equals(GCCUtil.NEX_ADP, currentUserRole))
                    || (StringUtils.equals(GCCUtil.NEX_CLERK, currentUserRole))
                    || (StringUtils.equals(GCCUtil.NEX_SERV, currentUserRole)))
            {
                forward = mapping.findForward("nex");
            }
        }
        return forward;
    } 

Open in new window