i want a mechanism in my web app as described below:
user will enter mydomain.com/CompanyName , depending upon the CompanyNameit will show its logo and its customized page, and i will take that parsed parameter in session again upon each request i will compare the parsed CompanyName and one stored in session , and if they matched then application will show the requested page with user's data.else it will be redirected to login page.
and the main thing is i want this thing in JSF arch.
i tried taking a servlet that will resolve all request and it will parse and then will dispatch the request to prefered servlet,but problem is it goes in loop as again it resolves to the same controller servlet,
You can do this via a phase listener. You can define a global one in faces-config.xml (or using annotations, if JSF 2.0 is used)
<lifecycle>
<phase-listener>com.yourcompany.CompanyPhaseListener</phase-listener>
</lifecycle>
There you have access to the FacesContext, from which you can obtain the current request URI. Parse it and store the appropriate attributes in the request, which you can later read on your pages.
The phase listener is executed on the specified phase(s), and perhaps you should choose RENDER_RESPONSE
For affecting the way your URLs appear in the browser, check PrettyFaces.
i tried taking a servlet that will resolve all request and it will parse and then will dispatch the request to prefered servlet,but problem is it goes in loop as again it resolves to the same controller servlet,
Use a Filter instead. It by default doesn't listen on forwarded requests, so you won't get an infinite loop on forwarding.
Related
I am calling a web service to validate an email address. In case of an invalid email address this service returns messages and I need to display them in a JSP. I am using Jersey with Struts2 and I have a form which submits to an action which takes care of this logic at the back end. I am not using a servlet to get the messages from the HttpServletRequest object.
I get a list of messages and I need to display the error message text on the screen but I am not sure how to do it. On click I get the form id which goes to the back end using struts2 action.
Thanks...
I'd strongly recommend using the Struts2 validation interceptor. The documentation is very straight forward and it's very robust.
https://struts.apache.org/docs/basic-validation.html
https://struts.apache.org/docs/email-validator.html
You simply need to call the interceptor stack in your action in struts.xml, then specify what validations you want. You can then display your error on the JSP should the validation fail.
You can either use the default validators provided by the XML validation or set your own by creating a validate method in the action class that is called by the stack, or both.
http://www.simplecodestuffs.com/struts-2-fielderror-example/
Here is an example for you to work with.
I have an issue currently that the validate method of the actionform happens before the execute method of the action.
The reason this is an issue is that a user can submit their own request and should they have all required fields completed the validate passes and using the isTokenValid(request) method I can see that the request is invalid. and forward them to an "access denied" page. However if they do not complete all required fields in their forged request the validate method returns errors and they are forwarded to the actual page(.jsp) with error messages displayed.
Any idea how to prevent this?
To implement CSRF prevention in Struts1 using using tokens you should not allow direct access to your JSP pages.
A user should get to your forms through Struts Actions and the action will call saveToken(request) before they are forwarded to the form in the JSP page.
Where you usually forward directly to a JSP you can change to forward to an action that inherits from ActionForward. Within the execute it can then forward by calling parent ActionForward execute method. You could also implement additional logic restrictions in your new action class.
This answer to Struts CSRF question on separate thread may also be useful:
https://stackoverflow.com/a/5339391/6136697
I have my MVC architecture in my webapplication.Now the flow is as follows:
starter.jsp -> SERVLET ->view.jsp
Now view.jsp expects cetrtain request parameters to be present in request object.
When view.jsp is called using above workflow everything works fine.But if view.jsp is called directly then it does not get expected attributes in request and forwards to error.jsp
Now Will search engine directly call view.jsp? or will it travel from starter.jsp to view.jsp?
Detailed example:
main page has a href to a article.
href ="servlet?id=xyz"
Now servlet gets the id from request.
Servlet gets details for id from DB , puts the Object obtained from DB as request attribute
idDetails
And forwards to view.jsp
View.jsp gets request attribute idDetails
So view.jsp expects idDetails to be present as request attribute
There is no correlation between SEO and MVC. MVC manages the internals of your application while SEO is some external tweak. If they correlate somehow then there is something wrong with your application in my opinion.
If some files are public so the search engine can see them it is likely that they will be indexed. If in doubt you can always check your pages in google for example using the site: prefix.
So the point is that if you can see it google can see it.
I agree with Adam's reply. SEO and MVC architecture are not related at all.
If you have fear like, what happen If "CRAWLERS" will directly access your view.jsp page, then I suggest you to use Filters and Interceptors in your application.
So here your interceptor/filter will intercept the incoming request and filter it out if they are directly made by "Crawler Algorithm" OR "Suspect User".
Sorry friends if this question is very easy but i am confuse i unable to find out solution.
As we all know in spring MVC framework we create controller which will handle multiple request from same page using #requestmapping annotation.
but same thing i want to do in servlet how can i do ?
Suppose i have a jsp which which will contain a jqgrid,and two forms i want to use only one servlet to load the data into jqgrid and that servlet only will handle request from both the form . Since we have only doGet and doPost in servlet how one servlet fulfill all three request. Hope you understand my question if you have and link where i get sample or and tutorial link plz reply me
Well, the only easy way to do this would be to use a request parameter to control how the processing happens.
In a very basic example, you may have something like a requestType value that gets passed as either part of the query string or the request body. You would assign values of 1-3 (or 0-2) with each value indicating a different type of request. Your servlet would then parse the request accordingly.
This actually is how the DispatcherServlet in SpringMVC works. There's only one servlet class instance and when a request comes in, it examines the query string along with other parts of the request to determine which controller should handle the request.
I want to secure (temporarily) my application by create front page with captcha and simple form. I suppose Spring Security is too complicated for this task. How can I catch all requests and check if some attribute in session is set? If it is set then all these #RequestMapping methods should be executed, otherwise redirect to one front page.
Have a handler interceptor defined and applied to all the handlers. The example in that link shows you also how to perform the redirect. Also check the mvc:interceptors for the Spring 3 - like configuration.
You can simply configure a Filter for this