Can't you just use Container managed security and set a constraint for each action that requires a user to be in a role called user?
Not that I've tested it yet (but will be doing this week) Rick Lawson Infrastructure Specialist Napp Pharmaceutical Group -----Original Message----- From: Mooslechner Martin [mailto:[EMAIL PROTECTED]] Sent: 20 November 2001 09:49 To: 'Struts Users Mailing List' Subject: AW: Want to check user is logged in every page server You can do this with a custom tag <custom:checkLogonTag/> of course you also need to implement this tag. this is what actually does the job: public int doEndTag() throws JspException { // Is there a valid user logged on? boolean valid = false; HttpSession session = pageContext.getSession(); if ((session != null) && (session.getAttribute(name) != null)) valid = true; // Forward control based on the results if (valid) return (EVAL_PAGE); else { try { pageContext.forward(page); } catch (Exception e) { throw new JspException(e.toString()); } return (SKIP_PAGE); } } Take a look at the example Mailserver application that comes with Struts. -----Ursprungliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 20. November 2001 10:42 An: Struts Users Mailing List Betreff: Want to check user is logged in every page server Hi Everytime a page is served from my Struts application, I want to check to make sure the user is logged in. If they are not then I want to send them to the login screen. What is the best way to go about this using Struts? Cheers Tony -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ _______________________________________________________________________ CONFIDENTIALITY NOTICE The information contained in this e-mail is intended only for the individual or entity to whom it is addressed. It may contain confidential and privileged information and if you are not an intended recipient, you must not copy, distribute or take any action in reliance on it. If you have received this e-mail in error, please notify the sender and destroy and delete the message from your computer. _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>