There are varied opinions on doing as Andrew suggests. I, personally, recommend that approach as it: a) forces the users to go through index.jsp or an action b) allows you to put your session validation/redirection in one place (the action or base action class) c) forces your developers to use actions for everything, even if you are just displaying a simple jsp with no dependent objects (ActionForm or other beans)
I have found that this approach forces good design and better code. I have modified the struts-example to use this. Let me know if you would like a copy. James Mitchell Software Engineer\Struts Evangelist Struts-Atlanta, the "Open Minded Developer Network" http://www.open-tools.org/struts-atlanta > -----Original Message----- > From: Andrew Hill [mailto:[EMAIL PROTECTED]] > Sent: Monday, July 01, 2002 5:56 AM > To: Struts Users Mailing List > Subject: RE: Login process > > > Apart from the index.jsp, you would probably be best served by putting all > your other jsps (that require authentication) in the WEB-INF > directory. This > way they can only be reached by an action forwarding to them and not > directly. > > -----Original Message----- > From: Heligon Sandra [mailto:[EMAIL PROTECTED]] > Sent: Monday, July 01, 2002 17:50 > To: '[EMAIL PROTECTED]' > Subject: Login process > > > > Hi, > > I am trying to use the method processPreprocess of the > RequestProcessor > in order to authenticate web clients in my struts application. > I am some doubt about the flow, when the index.jsp page is displayed > this > method is called, isn't it ? > How can I distinguish an unauthorized request from a first request ( > index.jsp) ? Has somebody a sequence diagram that illustrate this > "mechanism" ? > > Thanks > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>