java - Session management using authentication in Struts 2

Question

I have an application where i login and it takes me to the next page and displays a table.

I have handled session by implementing the SessionAware interface. When i refresh the page with the refresh button on the browser or F5, it works fine. However, if i press enter on the url, it takes me to the login page because the username and password is null.

Please find below my java code and jsp code and struts.xml

JAVA class:

public String Authentication()
{        
    //  return userInfo.getUserLoginId() + "_BUSINESS_SERVICES";
    if(j_username == null)
    {
        status="failure3";
        return status;
    }
    System.out.println("get username and get password" +j_username + j_password);


    // if no userName stored in the session,
    // check the entered userName and password
    if (j_username != null && j_password != null) {
         System.out.println("inside function");
        // add userName to the session
        sessionMap.put("j_username", j_username);
        status = otlAuthenticationController.loginAuthentication(j_username,j_password);
        if(status == "success")
        {
            this.otlUserList= otlAuthenticationController.obtainList();
            System.out.println("size is"+otlUserList.size());

        }

    }


    return status;
}

public String logout()
{
    if (sessionMap instanceof org.apache.struts2.dispatcher.SessionMap) {
        try {
            //((org.apache.struts2.dispatcher.SessionMap) sessionMap).invalidate();
            if (sessionMap.containsKey("userName")) {
            sessionMap.remove(j_username);
            System.out.println("session killed");
            status ="success";
            }
        } catch (IllegalStateException e) {
            e.printStackTrace();
        }
    }
    return "success";
}

JSP page:

<div class="label" style="margin-top:10px;"><s:text name="login.password" /></div><input id="j_password" name="j_password" type="password" placeholder="Password" size="31" autocomplete="off"/><br><br>
<div class="left" style="padding-left:150px; horizontal-align:right;text-align:center;"><input type="submit" name="login"  value=<s:text name="login"/> class="button normal normal1"  onClick="validate1()"/></div>&nbsp;
   <br> <br><s:if test="status=='failure'">
  <center><p style="color:RED" text-align :"center"><b>  Invalid username. Please enter a valid username</b></p></center>
</s:if>
<s:if test="status=='failure2'">
<center><p style="color:RED" text-align :"center"><b>  Invalid password. Please enter a valid password</b></p></center>
</s:if>
<s:if test="status=='failure3'">
  <center><p style="color:RED" text-align :"center"><b>  Login to the application to continue</b></p></center>
</s:if>
</div>

struts.xml:

<action name="logout" class ="com.opentext.planning.view.OTLAuthentication" method="logout">
       <result name="success">/WEB-INF/index.jsp</result>
       <result name="failure">/WEB-INF/error.jsp</result>
</action>       
<action name ="Otl_Homepage" 
    class="com.opentext.planning.view.OTLAuthentication" method="Authentication">
    <result name="success">/WEB-INF/Otl_Homepage.jsp</result>
   <result name="failure">/WEB-INF/index.jsp</result>
    <result name="failure2">/WEB-INF/index.jsp</result>
    <result name="failure3">/WEB-INF/index.jsp</result>
</action>

Answer 1

The required parameters are in the action context, but if you are using the action, which for some reason doesn't get parameters from the params interceptor, then you still can get parameters if your action implements ParameterAware.

public class OLTAuthentication implements ParameterAware {

private Map<String, String[]> parameters;

public void setParameters(Map<String, String[]> parameters){
  this.parameters = parameters;
} 

public String Authentication() {
    String j_username = parameters.get("j_username")[0];
    String j_password = parameters.get("j_password")[0];
    ...