Dear Mark: Did you actually check if the session variables about username and pwd info were null or correct at the beginning of those pages? Plus, you need to clear up these session variables after the user log out.
Ye Mark Glass wrote: > I'm developing a web application in Struts that requires a user to have a session >before they can use the application. Currently anyone can bypass the logon and use >the application. I would like the user to be required to login first. I am saving the >user info to session when the user logs in and testing the session for this attribute >before allowing them to use the functionality, however this does not work. > > Can anyone point me to a paper or tutorial or example which will show me how to do >this properly? > > Thanks much in advance, > Mark -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
