We are using Struts2
StrutsPrepareAndExecuteFilter. The configuration in
<filter> <filter-name>struts2</filter-name> <filter-class> org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter </filter-class> <init-param> <param-name>struts.devMode</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>struts2</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
We need to implement authentication/permission inside this common interceptor.
What will be the easy way for it? Can we create a customized interceptor which extends
StrutsPrepareAndExecuteFilter and do our implementation inside that?
You should never do a customization of
Even if it’s not
final and not
package protected like in other frameworks, extending that filter is not necessary.
You should learn basics of the Struts2 architecture. from the Nutshell.
you can see the basic Struts2 flow. Struts2 is implemented as a filter to handle all requests and dispatch them to actions through a stack of interceptors that leverage most of the functionality and features of Struts2 framework.
So if you want to add some feature like authentication, then you should first think about extending it via the authentication interceptor. This interceptor should be configured to be invoked on every action from the incoming requests. See how it’s done in struts2 adding interceptors in
struts.xml for all action class.
Latter there’s a link that you could use to write a custom interceptor for authentication purposes. See Is there a way to redirect to another action class without using on