The example application has security coded in the application itself -
probably because more control was essential since they were setting the user
subscription info in the session upon this action. The other option if you
dont require this kind of control is to use the security provided by the
appserver.
Actually I have a related question - is it possible to do something upon
logon - even though we use the appsever provided security. In the example
application can use the appserver provided security and when the user logs
in put the user info in the session?
Pratima
-----Original Message-----
From: Jon.Ridgway [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 22, 2001 1:56 AM
To: [EMAIL PROTECTED]
Subject: RE: Where's the best place to do authentication
Hi Shogo,
Have a look at the 'example' webapp provided with struts, this uses a taglib
to check the user is logged on, I'm sure you could use/amend it to fit your
purpose.
Jon.
-----Original Message-----
From: Ito, Shogo [mailto:[EMAIL PROTECTED]]
Sent: 21 May 2001 20:11
To: [EMAIL PROTECTED]
Subject: Where's the best place to do authentication
Where would be the best place/way to authenticate every user's request? I
want to avoid inserting "code to authenticate" in all of my classes which
extend Action class. Should I create a class like MyAction to put this sort
of code, then extends this new class? Any better way?
Any suggestion greatly appreciated.
Shogo
