There are varied opinions on doing as Andrew suggests.
I, personally, recommend that approach as it:
a) forces the users to go through index.jsp or an action
b) allows you to put your session validation/redirection in
one place (the action or base action class)
c) forces your developers to use actions for everything, even
if you are just displaying a simple jsp with no dependent
objects (ActionForm or other beans)
I have found that this approach forces good design and better code.
I have modified the struts-example to use this.
Let me know if you would like a copy.
James Mitchell
Software Engineer\Struts Evangelist
Struts-Atlanta, the "Open Minded Developer Network"
http://www.open-tools.org/struts-atlanta
> -----Original Message-----
> From: Andrew Hill [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 01, 2002 5:56 AM
> To: Struts Users Mailing List
> Subject: RE: Login process
>
>
> Apart from the index.jsp, you would probably be best served by putting all
> your other jsps (that require authentication) in the WEB-INF
> directory. This
> way they can only be reached by an action forwarding to them and not
> directly.
>
> -----Original Message-----
> From: Heligon Sandra [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 01, 2002 17:50
> To: '[EMAIL PROTECTED]'
> Subject: Login process
>
>
>
> Hi,
>
> I am trying to use the method processPreprocess of the
> RequestProcessor
> in order to authenticate web clients in my struts application.
> I am some doubt about the flow, when the index.jsp page is displayed
> this
> method is called, isn't it ?
> How can I distinguish an unauthorized request from a first request (
> index.jsp) ? Has somebody a sequence diagram that illustrate this
> "mechanism" ?
>
> Thanks
>
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
