You could also consider a servlet filter, to prevent the user from even
getting to the RequestProcessor in the first place:
Javadoc:
http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/Filter.html
-Original Message-
From: Jamal Najmi [mailto:[EMAIL PROTECTED]]
Sent: Thursday,
Do a session scoped variable instead of a parameter. Also, as far as I
know, request parameters don't pass over into request attributes, so
checking for an attribute on your resource instead of a parameter (which a
person can fake) might solve that problem.
-Jacob
| -Original Message-
|
2 matches
Mail list logo