I am currently in the process of learning Struts 2 and I am currently building a simple application where unverified users are redirected to a login form.

I have a login form and action functional which takes the users credentials, verifies them and stores a User object in the session however I am now trying to prevent access to pages before the login has taken place and I am trying to do this with an interceptor.

My problem is that I have written an interceptor that checks whether the User object has been saved in the session but if it has not I want to redirect to the login page and can't find any way of doing this without bypassing struts and using the HttpServletResponse.sendRedirect method

Configuration:

<package name="mypackage" extends="struts-default" namespace="/admin">

    <interceptors>
        <interceptor name="login" class="my.LoginInterceptor" />
    </interceptors>

    <default-interceptor-ref name="login"/>

    <action name="login" class="my.LoginAction">
        <result name="input">/admin/login.jsp</result>
        <result name="success" type="redirect">/admin</result>
    </action>

    <action name="private" class="my.PrivateAction">
        <result>/admin/private.jsp</result>
    </action>

</package>

The interceptor code:

@Override
public String intercept(ActionInvocation inv) throws Exception {

    Map<String, Object> session = inv.getInvocationContext().getSession();

    Object user = session.get("user");
    if(user == null) {

                      // redirect to the 'login' action here            

    }
    else {
        return inv.invoke();
    }

}