Here we have application using struts and giving priviledges to some users or
some roles. We rely on container security to handle login. We simply put a
link to /jsp/admin which redirects to the / and, in web.xml, we ask for
everything under /jsp/admin to require authentification. This way
I am creating a shopping-cart type application using struts and have a
question. The site itself does not have any authentication on it, as people
just browse and add stuff to the cart.
But the site does require some data manipulation into the database. Upon
thinking about this, I would like
http://java.sun.com/j2ee/1.4/docs/tutorial/doc/
Chapter 32: Security
Should help.
Erik
Scott Purcell wrote:
I am creating a shopping-cart type application using struts and have a question. The site itself does not have any authentication on it, as people just browse and add stuff to the cart.
In our application we used what we called guard tag. It is a simple
custom tag, which contains something like this:
HttpSession session = pageContext.getSession();
String userID = (String)session.getAttribute(Constants.USERID_KEY);
We put this tag in the beginning of a page:
acme:guard/
Scott Purcell wrote:
I am creating a shopping-cart type application using struts and have a question. The site itself does not have any authentication on it, as people just browse and add stuff to the cart.
But the site does require some data manipulation into the database. Upon thinking about
5 matches
Mail list logo