It's always a pain when you try to mix non-secure (http) and secure (https) pages in Struts 1.x. Struts doesn't provide built-in support for that. So here's a little Servlet Filter that can help in this kind of situation. The beauty of this approach is that it's non-intrusive, so you don't really need to make any changes to your Struts application. All you need to do is put the Struts action names of the actions that need to be served securely in the secureActions Set, and the actions that don't care about the request scheme in the dependantActions Set, and voilà! ... just don't forget to put the filter definition in your web.xml ;)
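/**
 * Servlet filter that redirects Struts 1.x action requests to the scheme configured for them.
 *
 * <p>Behaviour per request:
 * <ul>
 *   <li>an action listed in {@code secureActions} that arrives on any scheme other than
 *       {@code https} is redirected to the same URL over {@code https};</li>
 *   <li>an action listed in neither set that arrives over {@code https} is redirected to the
 *       same URL over {@code http};</li>
 *   <li>an action listed in {@code dependantActions} is served on whichever scheme it arrived;</li>
 *   <li>anything whose last path segment does not end in {@code .do}, and any non-HTTP request,
 *       is passed down the chain untouched.</li>
 * </ul>
 *
 * <p>Security notes for whoever deploys this:
 * <ul>
 *   <li>A redirect only protects the <em>next</em> request. If a form posts to a secure action
 *       over plain http, the body has already crossed the wire in clear text before the redirect
 *       is issued, and the redirect is followed as a GET. Forms for secure actions should target
 *       the https URL directly.</li>
 *   <li>Sending non-secure actions back to http means the same session is used on both schemes,
 *       so the session cookie is exposed on the http pages unless the application handles that
 *       separately.</li>
 *   <li>The scheme is read from {@code request.getScheme()}. NOTE(review): behind a proxy that
 *       terminates TLS this may report {@code http} for every request - confirm how the container
 *       is configured before relying on it.</li>
 *   <li>The redirect target is built from {@code request.getRequestURL()}, so the host and port
 *       come from the incoming request. An explicit port is carried over unchanged when the
 *       scheme is swapped, which is only correct when default ports are in use. NOTE(review):
 *       the accepted Host values should be constrained by the container or front-end proxy.</li>
 * </ul>
 */
public class RequestSchemeFilter implements Filter {

    private static final String STRUTS_EXTENSION = ".do";
    private static final String HTTPS = "https";
    private static final String SCHEME_SEPARATOR = "://";

    /** Action names (without extension) that must be served over https. */
    private final Set<String> secureActions = new HashSet<String>();

    /** Action names (without extension) that are served on whatever scheme they arrive on. */
    private final Set<String> dependantActions = new HashSet<String>();

    public RequestSchemeFilter() {
        secureActions.add("login");
        secureActions.add("userAccount");
        secureActions.add("checkOut");

        dependantActions.add("dynamicCSS");
    }

    public void init(final FilterConfig config) throws ServletException {
        // No configuration is read; the action sets are fixed in the constructor.
    }

    public void destroy() {
        // Nothing to release.
    }

    /**
     * Redirects the request to the required scheme, or passes it down the chain.
     *
     * <p>Failures are no longer swallowed: the previous catch-all let any parsing error fall
     * through to the chain, which silently served a secure action over http.
     *
     * @throws IOException if the redirect cannot be sent, or from the rest of the chain
     * @throws ServletException from the rest of the chain
     */
    public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
            final FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest
                && servletResponse instanceof HttpServletResponse) {
            final HttpServletRequest request = (HttpServletRequest) servletRequest;
            final HttpServletResponse response = (HttpServletResponse) servletResponse;

            // The servlet path is the container-decoded path with path parameters removed, which
            // is also what Struts 1.x uses to pick an extension-mapped action. Parsing the raw
            // request URI instead meant "/login.do;jsessionid=..." did not match "login" and
            // was served without the https redirect.
            final String actionName = extractActionName(request.getServletPath());

            if (actionName != null) {
                final boolean overHttps = HTTPS.equalsIgnoreCase(request.getScheme());
                final boolean mustBeSecure = secureActions.contains(actionName);
                final String requestUrl = request.getRequestURL().toString();
                final String queryString = request.getQueryString();

                if (mustBeSecure && !overHttps) {
                    response.sendRedirect(toSecure(requestUrl, queryString));
                    return;
                }
                if (overHttps && !mustBeSecure && !dependantActions.contains(actionName)) {
                    response.sendRedirect(toUnsecure(requestUrl, queryString));
                    return;
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Returns the action name for a path, or {@code null} when the path is not a Struts action.
     *
     * <p>The name is the last path segment with any {@code ;param} suffix and the {@code .do}
     * extension removed. Segments that do not end in {@code .do} yield {@code null} instead of
     * being truncated by three characters, so {@code login.js} is no longer read as {@code login}
     * and short segments no longer raise an index error.
     */
    private static String extractActionName(final String path) {
        if (path == null) {
            return null;
        }
        String lastSegment = path.substring(path.lastIndexOf('/') + 1);
        final int parameterStart = lastSegment.indexOf(';');
        if (parameterStart >= 0) {
            lastSegment = lastSegment.substring(0, parameterStart);
        }
        if (!lastSegment.endsWith(STRUTS_EXTENSION)) {
            return null;
        }
        return lastSegment.substring(0, lastSegment.length() - STRUTS_EXTENSION.length());
    }

    /** Rebuilds the request URL, query string included, with the {@code https} scheme. */
    private static String toSecure(final String requestUrl, final String queryString) {
        return withScheme("https", requestUrl, queryString);
    }

    /** Rebuilds the request URL, query string included, with the {@code http} scheme. */
    private static String toUnsecure(final String requestUrl, final String queryString) {
        return withScheme("http", requestUrl, queryString);
    }

    /**
     * Replaces the scheme of {@code requestUrl} and re-appends the query string when present.
     * Everything after {@code ://} (host, port, path) is copied unchanged.
     */
    private static String withScheme(final String scheme, final String requestUrl,
            final String queryString) {
        final StringBuilder newUrl = new StringBuilder();
        newUrl.append(scheme).append(SCHEME_SEPARATOR);
        newUrl.append(requestUrl.substring(
                requestUrl.indexOf(SCHEME_SEPARATOR) + SCHEME_SEPARATOR.length()));
        if (StringUtils.isNotBlank(queryString)) {
            newUrl.append('?').append(queryString);
        }
        return newUrl.toString();
    }
}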