File Doc Category Size Date Package
CustomRequestProcessor.java API Doc Example 2039 Tue Aug 31 15:44:16 BST 2004 com.oreilly.strutsckbk.ch11

CustomRequestProcessor

java.lang.Object
- org.apache.struts.action.RequestProcessor

public class CustomRequestProcessor extends org.apache.struts.action.RequestProcessor

author: Bill Siggelkow TODO To change the template for this generated type comment go to Window - Preferences - Java - Code Style - Code Templates

Fields Summary
Constructors Summary
Methods Summary
protected boolean processRoles(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.apache.struts.action.ActionMapping mapping)
// Is this action protected by role requirements? String roles[] = mapping.getRoleNames(); if ((roles == null) || (roles.length < 1)) { return (true); } // Check the current user against the list of required roles for (int i = 0; i < roles.length; i++) { if (request.isUserInRole(roles[i])) { if (log.isDebugEnabled()) { log.debug(" User '" + request.getRemoteUser() + "' has role '" + roles[i] + "', granting access"); } return (true); } } // The current user is not authorized for this action if (log.isDebugEnabled()) { log.debug(" User '" + request.getRemoteUser() + "' does not have any required role, denying access"); } response.sendError( HttpServletResponse.SC_FORBIDDEN, getInternal().getMessage("notAuthorized", mapping.getPath())); return (false);