Hello, I was hoping someone would have some advice on securing a website using struts. I am developing a webapp that has to be secure (password protected) and which restricts access to different parts of the site depending on the roles a user possesses. The roles each user has are stored as XML in a database and may be configured by an administrator. Does struts have any built-in security capabilities that I could take advantage of?
Any help/pointers would be much appreciated! My first guess would be to put all jsp pages in WEB-INF (use only ForwardAction to get to each page) and subclass ActionServlet with the logic for check authentication etc. However, will this cause any problems when it comes to a user book marking a page? Thanks, -Ryan Cuprak -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>