Hi,
Does Struts 1.1 provide any means of implementing Authentication/Authorization?
While going through the code, I found the following methods related to (Security)
Roles.
processRoles()
getRoles()
setRoles()
- How exactly are the Roles cofigured? Is struts-config.xml file used for this
Subject: Re: User Authentication
From: "David Bolsover" <[EMAIL PROTECTED]>
===
Craig
Thanks for the lead - I shall certainly follow up - although I have now
solved the problem for my present project
regards
David Bolsover
"Craig R. McClanahan" <[EMAIL PROT
> That's the part I was talking about. Tomcat and Resin aren't
> too bad, but I never have found an example of container
> managed security with Websphere.
WebSphere uses its CustomRegistry interface for the database
access layer of container managed security.
Please see
http://www-3.ibm.com/s
On Wed, 12 Jun 2002, Struts Newsgroup wrote:
> Date: Wed, 12 Jun 2002 05:10:01 -0700
> From: Struts Newsgroup <[EMAIL PROTECTED]>
> Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: User Authentication
>
> Subjec
Subject: Re: User Authentication
From: "David Bolsover" <[EMAIL PROTECTED]>
===
Hi all
I am pleased that my posting provoked so may interesting responses; I was
particularly intrigued by the reference to Open Symphony - OSUser module -
thanks to Kevin Palfreyman for that. S
Hey All,
I am having a problem with Form based authentication in Tomcat (4.03).
The example app that uses it works fine, but when I go into my struts
app (1.1b) and I try to do form based authentication I get the following
message back:
--
Apache Tomcat/4.0.3 - HTTP
lities -- for example, form-based login defined in
> > > the Servlet spec (http://java.sun.com/products/servlet/download.html).
> > > Then, you can let the container worry about login management.
> > I've got a question about container managed security. Why was
> >
ular role or not.
>
Shows how much I know about container-managed authentication. Thanks for
the info. :)
> Struts 1.1 can use this capability to enforce per-Action restrictions on
> which roles are allowed to access which actions -- you can configure this
> with the "roles&quo
ROTECTED]>
> Subject: RE: User Authentication
>
> Container-managed security also cannot deal with user roles, AFAIK. That
> is, if you have a user role and admin role (and possibly more) within your
> application, then you have to authenticate yourself so that you can
> determine the
On Mon, 10 Jun 2002 [EMAIL PROTECTED] wrote:
> Date: Mon, 10 Jun 2002 15:36:43 -0400
> From: [EMAIL PROTECTED]
> Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]>
> To: Struts Users Mailing List <[EMAIL PROTECTED]>
> Subject: Re: User Authentication
>
>
On 10 Jun 2002, Dave Weis wrote:
> Date: 10 Jun 2002 14:00:44 -0500
> From: Dave Weis <[EMAIL PROTECTED]>
> Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]>
> To: Struts Users Mailing List <[EMAIL PROTECTED]>
> Subject: Re: User Authentication
>
&g
At 11:56 AM 6/10/2002 -0700, you wrote:
>On Mon, 10 Jun 2002 [EMAIL PROTECTED] wrote:
>I can share a couple of useful insights on this topic.
>
>Fundamentally, there are two major approaches that you can take when your
>application requires user login and management:
>
>- Container-managed securit
Container-managed security also cannot deal with user roles, AFAIK. That
is, if you have a user role and admin role (and possibly more) within your
application, then you have to authenticate yourself so that you can
determine the role.
My .02 cents on authentication:
It is, IMHO, a very bad
> >
> > I've wondered why Struts provides no specific User Management tools.
I'd
> > almost expect to see a user.tld tag lib and struts tags such as:
> >
Craig,
Thanks for responding. I figured the answer was pretty much what you had
indicated.
I also appreciate the exception cases you iden
t; Then, you can let the container worry about login management.
I've got a question about container managed security. Why was
security-constraint standardized, but not the actual authentication
code? It makes moving between servlet containers a pain.
dave
--
To unsubscribe, e-mail:
On Mon, 10 Jun 2002 [EMAIL PROTECTED] wrote:
> Date: Mon, 10 Jun 2002 11:40:45 -0400
> From: [EMAIL PROTECTED]
> Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]>
> To: Struts Users Mailing List <[EMAIL PROTECTED]>
> Subject: Re: User Authentication
>
>
;
<[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
cc:(bcc: Kevin Bedell/Systems/USHO/SunLife)
Subject: RE: User Authentication
I haven't actually used it, but would the Open Symphony - OSUser module
help here, even as a
: 10 June 2002 16:41
> To: Struts Users Mailing List
> Subject: Re: User Authentication
>
>
>
> I'd like to bring this up at a more general level.
>
> I've wondered why Struts provides no specific User Management
> tools. I'd
> almost expect to see a
operties from a configurable User
bean
- to configure authentication against various
soruces such as ldap, jdbc, etc.
- for conditional processing based on whether or
not a user has a certain role associated with them.
I know that servlet spec 2.3 provides the idea of realms and a decla
Subject: Re: User Authentication
From: Torgeir Veimo <[EMAIL PROTECTED]>
===
David Bolsover wrote:
> Vic
>
> Thanks - you could well be right, my question may be better directed to web
> container or JAAS.
> What I do know is that using the web xml .. ,
> .. fea
Subject: Re: User Authentication
From: "David Bolsover" <[EMAIL PROTECTED]>
===
Vic
Thanks - you could well be right, my question may be better directed to web
container or JAAS.
What I do know is that using the web xml .. ,
.. features is not sufficintly flexible for my needs
Subject: Re: User Authentication
From: "Vic C." <[EMAIL PROTECTED]>
===
This is web container or a JAAS question.
It is hard to say based on your e-mail if you already did it or you are
asking how.
Typically, after the Struts application is constructed, JAAS is added.
An
Subject: User Authentication
From: "David Bolsover" <[EMAIL PROTECTED]>
===
Hi all
I have a Struts based app to which I need to add some moderately complex
user access privileges.
At present, users log-in using form based authentication and I then place a
User object in sessio
Subject: Re: Action classes/Form based authentication/ EJBs
From: Torgeir Veimo <[EMAIL PROTECTED]>
===
Roland Chan wrote:
> Okay, I turned on my "prompt before adding cookies" in my browser and it
> appears that during form-based authentication a cookie is never being
Hello,
When using form based authentication, it appears that cookies are not
being written to the client. In my server.xml, noCookies=false, and the
client browsers have cookies enabled.
Can anyone shed any light here?
Thanks,
Roland
BTW, noCookies=false in my server.xml. Thanks, R.
-Original Message-
From: Roland Chan [mailto:[EMAIL PROTECTED]]
Sent: May 29, 2002 1:28 PM
To: 'Struts Users Mailing List'
Subject: RE: Action classes/Form based authentication/ EJBs
Okay, I turned on my "prompt before
Okay, I turned on my "prompt before adding cookies" in my browser and it
appears that during form-based authentication a cookie is never being
saved to my clients browser. Can anyone provide any sort of guidance
here?
Thanks,
R.
-Original Message-
From: Struts Newsgroup [mail
the browser to pop up the dialog. It is
not a big protection but better then none. This basic authentication is in
Web server domain. You can control this behavior from your servlet (or
similair):
String authorization = request.getHeader("Authorization");
if (authorizatio
Pardon my ignorance please but what is basic authentication and
form-based authentication? You were talking about sessions and URL
rewriting and I thought I knew all about that. What is the auth header
from the browser? Is this container managed ?
Thanks
Adam
Struts Newsgroup
Subject: Re: Action classes/Form based authentication/ EJBs
From: Torgeir Veimo <[EMAIL PROTECTED]>
===
Roland Chan wrote:
> Hi There,
>
> Using BASIC authentication my action classes work like a charm. However,
> when I switched to form based authentication calls to secured
Hi There,
Using BASIC authentication my action classes work like a charm. However,
when I switched to form based authentication calls to secured EJBs
present an "authentication exception, principal=null error".
This is strange only because I know the principal exists and was
aut
Hi There,
Using BASIC authentication my action classes work like a charm. However,
when I switched to form based authentication calls to secured EJBs
present an "authentication exception, principal=null error".
This is strange only because I know the principal exists and was
aut
Hi Eddie,
It sound like you need to use form-based authentication, do a search on the
Javasoft site and/or the tomcat site for form-based authentication.
Jon.
-Original Message-
From: Eddie Bush [mailto:[EMAIL PROTECTED]]
Sent: 06 May 2002 19:38
To: Struts Users Mailing List
Subject
ECTED]>
Sent: Monday, May 06, 2002 2:04 PM
Subject: RE: [Off-Topic] Container-Based Authentication
Try "Form Based Authentication" in your search
Randy Bielby
608.242.4100 x32258
>-Original Message-
>From: Eddie Bush [mailto:[EMAIL PROTECTED]]
>Sent: Monday, May
Try "Form Based Authentication" in your search
Randy Bielby
608.242.4100 x32258
>-Original Message-
>From: Eddie Bush [mailto:[EMAIL PROTECTED]]
>Sent: Monday, May 06, 2002 1:38 PM
>To: Struts Users Mailing List
>Subject: [Off-Topic] Container-Based Auth
I think I would like to move my authentication to the container, but I don't really
want that dialog displayed that pops up for secured URLs. I'd much prefer the user be
redirected to an action that gives them a form to log etc.
Could one of you please point me in a good direction?
Tero P Paananen wrote:
>>What are the factors involved in selecting form-based
>>authentication over, say, custom authentication which
>>can be simple to implement based on a db of registered
>>users who have or don't have an indicator stored
>>in their sessi
> What are the factors involved in selecting form-based
> authentication over, say, custom authentication which
> can be simple to implement based on a db of registered
> users who have or don't have an indicator stored
> in their session(representing a login)?
One factor
Hi,
What are the factors involved in selecting form-based authentication
over, say, custom authentication which can be simple to implement based
on a db of registered users who have or don't have an indicator stored
in their session(representing a login)?
An example of c
I am using struts with J2EE authentication. I am using Orion server,
however. Here are some of the things which I did.
When you setup your J2EE authentication, you typically tell it what path to
protect, so for example if you make "/member/*" a password protected
resource make sur
I am trying to get authentication working in a war file that is running
on WebSphere 4.0.2 through a struts based ui. I have a login page that
does form based auth and that works just fine. But when I link to a
struts controlled url the app loses its user Principal. A call to
Crawford [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 1:03 PM
To: [EMAIL PROTECTED]
Subject: Authentication without JDBC Realms?
Hopefully someone can provide some insight on this. We're developing at my
company a Struts application and we're trying to implement secur
Subject: Re: authentication and authorization with struts and ldap
From: "Matt Raible" <[EMAIL PROTECTED]>
===
Tomcat works great with it's Realms if that's your appserver. Most
appservers have this built in. It's a little learning curve to do
container-manage
Hopefully someone can provide some insight on this. We're developing at my
company a Struts application and we're trying to implement security. We're
using iPlanet because it's what we already owned (version 6.0) and we're
on a limited budget. We don't have money for another server for LDAP, a
On Tuesday 02 April 2002 11:38 am, Sriram Nookala wrote:
> I'm looking for resources and examples in order to integrate ldap with
> struts for authorization and authentication. thanks,
> sriram
Check out TagLibs.
Anthony
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED
I'm looking for resources and examples in order to integrate ldap with struts for
authorization and authentication.
thanks,
sriram
application but i would like used
> Smartcard/Certificate Authentication Web Controller from my previous Web
> Application (developed in my company).
>
> How can i do this ?
>
> thanks
>
> ---
&g
Hi,
I want use Struts to develop some web application but i would like used
Smartcard/Certificate Authentication Web Controller from my previous Web
Application (developed in my company).
How can i do this ?
thanks
Hi,
My webapp is implemented based on struts and deployed
to WebSphere.
I am using custom-user-registry to protect web
resource. I have setup
everything. when start the Admin Console, it asked me
for the user
name and password, I entered those parameters and it
let passed that
point, so I assum
I have CONFIDENTIAL in my
web.xml to required SSL be used to login. In an ideal world, tomcat
would detect that the user is using http and switch them to https for
the authentication. And it looks like Tomcat is "trying" to do this with
IE.
When I navigate to an unsecured page (the w
I have form-based authentication in my web.xml that requires HTTPS - has
CONFIDENTIAL. In my opinion,
one of the beautiful things about declarative security is that users can
have bookmarks and return to the same location, and be prompted.
My problem is that (1) I'm using the latest ni
Hi,
If I were you I'd seperate login ENTIRELY from the struts part of the site. Have the
authentication do its stuff and set up a session object which the rest of the site
looks at to validate the user - or makes use of/or whatever model you use.
The reason is that login is often some
all validation class that
> authenticates
> the login and forwards to the appropriate JSP?
I would say the latter. Another option would be
to have the container perform authentication
(see the Servlet 2.2 spec for into on how to set this
up).
Nick
--
To unsubscribe, e-mail: <
What's the best way to authenticate users from a backend database in a
system using Struts? Should the HTML form action go through the
ActionServlet or should I write a small validation class that authenticates
the login and forwards to the appropriate JSP?
Thanks,
Mark
--
To unsubscribe, e-mai
The next step...
A challenge with container managed authentication is that you generally
can't predict what url the user originally requested and thus can not do any
post-authentication processing. Let's say whenever a user successfully logs
in I want to log to an audit trail. I cou
Message-
From: Domen, Ken [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 16, 2002 4:42 PM
To: '[EMAIL PROTECTED]'
Subject: tag for authentication
Is there a struts tag library that does basic authentication?
ken
--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For add
Is there a struts tag library that does basic authentication?
ken
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
riginal Message-
From: Robert Tyler Retzlaff [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 16, 2002 2:55 PM
To: [EMAIL PROTECTED]
Subject: persistent authentication
One of the advantages of the MVC approach is that the controller is
able to provide authentication verification for ea
One of the advantages of the MVC approach is that the controller is
able to provide authentication verification for each request to a
resource in the application.
Does struts support this? If so how? Currently I'm 'checking'
authentication in each of my Action classes tha
ation 'A' and 'B' are
running within the same environment.
Jon.
-Original Message-
From: Michelle Popovits [mailto:[EMAIL PROTECTED]]
Sent: 18 December 2001 21:13
To: [EMAIL PROTECTED]
Subject: Invalidate and container authentication in multi-app environment
Hi,
I
ainer authentication in multi-app
environment
Hi,
I have been researching the archives trying to resolve an issue.
http://www.mail-archive.com/struts-user@jakarta.apache.org/msg10294.html
http://www.mail-archive.com/struts-user@jakarta.apache.org/msg14538.html
These threads describe my situation p
action
itself is secure and should prompt for authentication before allowing the
page to be viewed.
In the logout action:
a) invalidate the session
b) forward to the applications main page (redirect=true)
Now, normally if I just log into this application (lets call it Application
A), do stuff
It seems like you are wanting to bypass the authentication check and I don't
that is permitted using form-baased authentication.
-Original Message-
From: David Bolsover [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 11, 2001 5:15 PM
To: Struts User
Subject: FORM Authenticati
Hi all
Can anyone help with these problem?
Problem 1
I would like to be able to use the Tomcat JDBCRealm features in concert with
struts - the problem is this - how can I provide a hypertext link in an
e-mail I send to users that will allow users to log into my struts webapp
without having to m
ntainer-managed authentication is that users can probably
bookmark many pages, and get back to them just by signing in. If you need to
perform additional processing when a user logs in, you might consider using
Filters.
Matt
--- storck <[EMAIL PROTECTED]> wrote:
> Is that normal that I have to
I also use JBoss wich does its user-authentication based on JAAS. Does
someone has experiences with it an can help to how I can fit both - struts
and jboss - together. I would like to have a login-page where a user can
login. If he is not loged in he is treated with guest-role so if he browses
a
e the user is logged
in. I'll look into this further. Anyone else have experience here?
Jon.
-Original Message-
From: storck [mailto:[EMAIL PROTECTED]]
Sent: 03 December 2001 10:57
To: 'Struts Users Mailing List'
Subject: AW: HTTP form based authentication
Is that normal t
2001 11:40
An: 'Struts Users Mailing List'
Betreff: RE: HTTP form based authentication
Hi Shri,
I have found the best (only?) approach is not to use a struts html:form tag
on your login screen as you are posting to the containers auth mechanism not
the struts action servlet,
J
December 2001 23:29
To: Struts Users Mailing List
Subject: HTTP form based authentication
HI all,
When we follow HTTP form based authentication, for the form field we write:
( as per servlet specifications )
Using an action other than ".do" will break the action / action servlet
chain.
HI all,
When we follow HTTP form based authentication, for the form field we write:
( as per servlet specifications )
Using an action other than ".do" will break the action / action servlet
chain...
How to make this a part of action chain?
Any way of work around for th
I figured out how to make Form-based Authentication use the form-error page
to login
and thought I would share with everyone. The instructions are
iPlanet-specific, but
can most likely be ported to another appserver, providing you knew the name
of the
hidden field that holds the url that the
---
From: Debasish Ghosh <[EMAIL PROTECTED]> on 28/09/2001 14:54 MST
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:
Subject: Re: Authentication before struts
what we have done is we have moved the authentication
totally at the controller level.
we have overridden the defaul
Hi,
I would like to control j2ee security in the following way.
1) have my app server use j2ee security for form login (done).
2) have my designated login jsp submit to a struts action (login.do).
3) be able to perform any additional validations I like in the struts login
action.
4) then, manual
I'd like to have some info on this too.
Thanks!
Wellington
-Original Message-
From: Giuseppe Galli [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 04, 2001 10:53 AM
To: [EMAIL PROTECTED]
Subject: Re: LDAP Authentication To Active Directory
Hi Supriya,
I' see your p
PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 13, 2001 1:39 PM
Subject: LDAP Authentication To Active Directory
> I have successfully implemented LDAP authentication to Microsoft Active
> Directory at Wayne State University school of Medicine. If anyone is
> interested i
Jonathan:
Another approach you may want to look at is the way we've done the Struts
integration with our own OSS framework, Expresso: We subclass "Action" in
our "Controller" class, and the "Controller" class actually does all of the
authentication/authoriz
Have you looked at Nic's extensions for Role-Based Actions?
http://husted.com/about/struts/struts-security.htm
[EMAIL PROTECTED] wrote:
>
> > i would prefer not to put the authentication code in
> > the action because it opens the possibility of having
> > authen
> i would prefer not to put the authentication code in
> the action because it opens the possibility of having
> authentication logic in each and every action
In my case, each action needs a different authentication.
For example, some users have read-only access and some
have modi
I would agree that subclassing the ActionServlet is usually preferable,
but would point out that the strategy is to provide a BASE action with
the authentication code, that others would subclass. So the
authentication code would only exist once, in the base class.
-- Ted Husted, Husted dot Com
i would prefer not to put the authentication code in the action because
it opens the possibility of having authentication logic in each and
every action, which would essentially defeat one of the main purposes of
having a controller in the first place--one point of access for security
reasons
> wouldn't it be better to put this code directly into the action
> servlet and rebuild struts?
That goes against my code-reusability instincts. I strive to use
the default struts build and default tag libraries.
The other possibility would be to put this in the Action class.
Before it checks th
Jonathan M Crater wrote:
> i'd also be interested in hearing the rationale behind the desire not to
> subclass ActionServlet from those of you who prefer to avoid it.
Offering alternatives to subclassing ActionServlet so that other
resources (like things for ValidatorForm and Tiles) can be loaded
I would highly recommend looking at JAAS for authentication/authorization.
I'm using it in conjunction with Struts right now (using JBoss/Tomcat) and
everything is working fine. I'm still in development and haven't gone live
yet, but so far so good.
JAAS takes a little while t
he session context. Each action can then take some access control decision
> based on this information.
>
> However I am currently trying to use JAAS (Java Authentication and
> Authorization Service) just for the authorization part. I have written a doc
> on the various issues of doin
JAAS (Java Authentication and
Authorization Service) just for the authorization part. I have written a doc
on the various issues of doing so and how I'm planning to do so. I'm still
working on it but it may be useful to some of you, so I attach it. This
document mentions "eShell":
> I wondered what approach you guys took when implementing security,
> authentication and authorisation. I have the common scenario
> where the application I am creating allocates roles to certain
> types of users, allows them to login, then restricts access to
> certain pages
Hi Guys,
I wondered what approach you guys took when implementing security,
authentication and authorisation. I have the common scenario where the
application I am creating allocates roles to certain types of users, allows
them to login, then restricts access to certain pages and within the
I am using struts with iAS sp3.
I am sending all urls through my action servlet with the following mapping:
action
*.do
And I'm protecting this with the following security-constraint:
LDAPSecurity
LDAP-controlled Security
*.do
GET
PO
Title: RE: LDAP Authentication to Active Directory
Did you ever get a chance to post the source for this?
Thanks,
Matt
TECTED]; [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: LDAP Authentication to Active Directory
>
>
> Here the complete Code. I would request you guys to keep my
> name as the
> Contributor in the top of these files.
>
> This code works for Wayne State University.
structure,DN's and CN's .
Then you will understand the java code.
Steps in Java Code
1. Authenticate.java calls LdapGetDn.java --this is anonymous look up
for userid-returns a DN(String)
2. Use DN returned and password as authentication.
3. On success call GetAttributes.java to get you
Hello SUPRIYA,
Can you place your code sample to the some server and post URL to it
to the list?
Monday, August 13, 2001, 3:39:48 PM, you wrote:
SM> I have successfully implemented LDAP authentication to Microsoft Active
SM> Directory at Wayne State University school of Medicine. If any
You will get in after an hour when i am at work
>From: "Gregor Rayman" <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: <[EMAIL PROTECTED]>
>Subject: Re: LDAP Authentication To Active Directory
>Date: Mon, 13 Aug 2001 13:38:48 +0200
>
>I
I am.
- Original Message -
From: "SUPRIYA MISRA" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 13, 2001 1:39 PM
Subject: LDAP Authentication To Active Directory
> I have successfully implemented LDAP authentication to Microsoft Active
&
I have successfully implemented LDAP authentication to Microsoft Active
Directory at Wayne State University school of Medicine. If anyone is
interested in having LDAP Authentication To Microsoft Active Directory ,
please email me.
Supriya Misra
System Integrator II
MSIS,WSUSOM
Detroit, MI
> From: Matt Raible [mailto:[EMAIL PROTECTED]]
> Sent: 30 July 2001 12:53
> To: [EMAIL PROTECTED]
> Subject: Form-based Authentication using Struts
>
>
> I am implementing form-based authenication and have a couple of questions.
>
> I have all my JSP's setup so th
Does your web.xml contain a declaration?
-Original Message-
From: Matt Raible [mailto:[EMAIL PROTECTED]]
Sent: 30 July 2001 12:53
To: [EMAIL PROTECTED]
Subject: Form-based Authentication using Struts
I am implementing form-based authenication and have a couple of questions.
I have
form-based authentication with
struts and the .do extension?
Here are the my entries in web.xml:
action
*.do
LDAPSecurity
LDAP-controlled Security
/*.do
GET
POST
an accept, because I know the
2.3 spec. will be here soon enough.
- Levi
- Original Message -
From: "Yi-Xiong Zhou" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, July 06, 2001 3:45 PM
Subject: container managed authentication
> How do I p
How do I perform additional process in struts at the time of authentication
if container managed authentication is used?
For example, after the user has just logged on, I want to initialize some
attributes in the session by loading in some data from the database. One way
to do that is to add a
201 - 300 of 350 matches
Mail list logo
