----- Original Message -----
From: "Steve Raeburn" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
Sent: Saturday, June 28, 2003 11:42 PM
Subject: RE: Sending a Redirect Directly from an Action Class
> > If you mean the page /somePage.jsp can be put under a security
> > constraint in web.xml and you can redirect to it, that is not
> > going to work in theory. This is the original point why the
> > page can not be protected by the security constraint when the method
> > response.sendRedirect("/somePage.jsp") is called and
> > the call response.sendRedirect("/someAction.do") is one
> > of solutions to it.
>
> You are mistaken. Container managed security can protect any resource in
the
> web application, including JSPs. Please don't think I'm advocating calling
> JSPs directly - I'm not. But the reasons you shouldn't do not include
> anything to do with CMS.
When you said "This is not true." to the original concerns regarding
response.sendRedirect("/somePage.jsp") method (which implies a
direct call to the JSP page) and now you are not
calling JSP directly, I don't get you. Of course, we know the security
contraints can protect any thing. The problem is when a page is
protected, the redirect will fail.
>
> > You use it as you *need* it, not because it is another tool in the box.
> > What I am searching for is some compelling business requirements
> > that the redirect within a web application is *really* necessary. I hope
> > some one could provide more hints.
>
> That's what I meant. You use the tool that's most appropriate and
redirects
> are *one* of many tools available to us. It would be wrong to use it for
> everything but it would be equally wrong to avoid using it where it is
> appropriate.
>
> Anyway this has strayed well away from Struts. The original question was
> whether to use sendRedirect in the action or use an ActionForward. That
> question has been answered.
>
> Steve
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
