i work on an application that uses Struts2 and Struts1. Now i want to implement authentication for different actions. I'd like to use an interceptor to check to which namespace an action belongs. I wrapped all Struts1 action with Struts2 action. So all strut1-action run through the interceptor.
<action name="contactsList" class="com.opensymphony.xwork2.ActionSupport">
<result name="success">contactsList.do</result>
</action>
The problem is that if a user enters a struts1-action in the browser the interceptor will not be called.
My question: Is there a difference between action calls coming from the browser and action calls called via Struts configuration. If it is possible, is it possible to disallow Struts1 actions from the browser but from within struts it is allowed?
You have thought in the wrong direction. There's a Struts1 plugin in Struts2 that actually wraps the Struts1 action. So, the code will look like
<action name="contactsList" class="org.apache.struts2.s1.Struts1Action">
<param name="className">com.mycompany.myapp.ContactsListAction</param>
<result>contactsList.jsp</result>
</action>
To your question the Struts2 return result that either redirect or dispatch to the servlet even if your action doing nothing. You could do anything with the browser but Struts will accept requests until you map it to the url where it's responsible to react on the browser requests.