On Monday, June 3, 2002, 10:58:07 PM, Chuck Cavaness wrote: CC> What I suggest is to look at the processPreprocess() method in the CC> RequestProcessor and possibly override this to do your checks. It's called CC> for every request and long before ActionForm's are populated and Action's CC> are invoked. The default value is to return true, which allows request CC> processing to continue. What I've done in the past is to override this, CC> check the login, and possibly redirect the user to the login page. If the CC> user's logged in, just return true to continue processing the request.
Excellent idea. Thanks. You are right I wouldn't even want form validation to take place if they weren't logged in ( which would be allowed to happen if I only checked in the action ). I take it I'll have access to the session as well inside of RequestProcessor, because if I go this route I will also need to check for particular roles that will be stored in a UserBean put in the Session and possibly deny or grant access based on these roles. -- Rick mailto:[EMAIL PROTECTED] "I wish I had a dollar for every time I spent a dollar, because then, Yahoo!, I'd have all my money back." -Jack Handey -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>