1. 首頁
  2. 問答
  3. struts 2調度程序和tomcat 6安全

struts 2調度程序和tomcat 6安全

2015-05-19 34 views
1

我試圖讓struts2與tomcat 6身份驗證應用程序一起工作。 當用戶登錄。 ,但我不能使用Struts標籤我的JSP工作,如果用戶較無登錄或拒絕用戶(403)struts 2調度程序和tomcat 6安全

我的應用程序正常工作是有辦法獲取tomcat允許訪問struts dispatcher而不被記錄?

錯誤記錄:

GRAVE:The Struts dispatcher cannot be found. This is usually caused by using Struts tags without the associated filter. Struts tags are only usable when the request has passed through its servlet filter, which initializes the Struts dispatcher needed for this tag. - [unknown location] 
at org.apache.struts2.views.jsp.TagUtils.getStack(TagUtils.java:58) 
at org.apache.struts2.views.jsp.StrutsBodyTagSupport.getStack(StrutsBodyTagSupport.java:44) 
at org.apache.struts2.views.jsp.ComponentTagSupport.doStartTag(ComponentTagSupport.java:48) 
at org.apache.jsp.acces_002drefuse_jsp._jspx_meth_s_005fa_005f0(acces_002drefuse_jsp.java:183) 
at org.apache.jsp.acces_002drefuse_jsp._jspService(acces_002drefuse_jsp.java:85) 
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) 
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:388) 
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313) 
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646) 
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:438) 
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374) 
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302) 
at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:421) 
at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:342) 
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) 
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) 
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) 
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861) 
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606) 
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) 
at java.lang.Thread.run(Unknown Source)

的web.xml

<web-app> 
<filter> 
    <filter-name>struts2</filter-name> 
    <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class> 
</filter> 

<filter-mapping> 
    <filter-name>struts2</filter-name> 
    <url-pattern>*.action</url-pattern> 
    <dispatcher>FORWARD</dispatcher> 
    <dispatcher>REQUEST</dispatcher> 
    <dispatcher>INCLUDE</dispatcher> 
</filter-mapping> 

<welcome-file-list> 
    <welcome-file>index.jsp</welcome-file> 
</welcome-file-list> 

<error-page> 
    <error-code>403</error-code> 
    <location>/acces-refuse.jsp</location> 
</error-page> 

<security-constraint> 
    <display-name>Autorized only</display-name> 
    <web-resource-collection> 
     <web-resource-name>protected</web-resource-name> 
     <url-pattern>/mypages.action</url-pattern> 
    </web-resource-collection> 
    <auth-constraint> 
     <role-name>admin</role-name> 
    </auth-constraint> 
</security-constraint> 
<security-constraint> 
    <display-name>public</display-name> 
    <web-resource-collection> 
     <web-resource-name>public</web-resource-name> 
      <url-pattern>/acces-refuse.jsp</url-pattern> 
    </web-resource-collection> 
</security-constraint> 

<login-config> 
    <auth-method>FORM</auth-method> 
    <realm-name>Tomcat Server Configuration Form-Based Authentication Area</realm-name> 
    <form-login-config> 
     <form-login-page>/login.jsp</form-login-page> 
     <form-error-page>/login-fail.jsp</form-error-page> 
    </form-login-config> 
</login-config> 
</web-app>

ACCES-refuse.jsp

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" 
"http://www.w3.org/TR/html4/loose.dtd"> 
<%@taglib uri="/struts-tags" prefix="s" %> 
<html> 
<s:a action="login">logout</s:a> 
</html>

感謝您的幫助

來源

2015-05-19 bob

+2

如果你真的需要/想用'安全約束'那麼你應該重定向到jsp的某個動作。 –

回答

1

感謝您的回覆有用

我重定向到一個動作,從我的錯誤jsp頁面onload,我可以使用struts標籤

謝謝!

ACCES-refuse.jsp

<html> 
    <head> 
    <META HTTP-EQUIV="Refresh" CONTENT="1;URL=acces-refuse.action"> 
</html>

struts.xml的

<action name="acces-refuse" class="className"> 
     <result name="success">/acces-refuse-action.jsp</result> 
</action>

這個代碼是有點意大利麪條的代碼,但工作

來源

2015-05-19 12:35:45 bob

+1

@RussellUhl:其實這是一個答案。 bob:你可以添加你用於重定向的代碼,並將此答案標記爲已接受。 –

相關問題

 相關問題