I have implemented a generic dispatcher ActionClass to forward requests to my JSP. I mapped this generic dispatcher to two different mappings ie:
<action path="/dispatch" type="com.nuix.DispatchForwardAction"/> <action path="/secure/dispatch"type="com.nuix.DispatchForwardAction"/> The idea is that anything under /secure is protected using the WebContainer security mechanism. Funnily enough I never realise until recently that user can just simply forward to my secure JSP files using the non-secure dispatcher! Hah .. so much for this idea :D For example: What I inteded to do is something like this: /secure/dispatch.do?forward=homepage Because dispatch is under /secure , WebContainer will invoke the login/password screen, however smart and curious user can just type /dispatch.do?forward=homepage And voila they will go to the homepage withouth going through the login/password screen. Does anyone has a better way of implementing the generic dispatcher? Any help are appreciated. Ta, -- Victor Hadianto ----------- Why is Bottom-posting better than Top-posting http://www.fmf.nl/~anton/topposting.html -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>