And of course UserBean has a isInRole(role) method so if you need to
have fine control anywhere you have it. The servlet filter stuff is nice
because you can configure this part in an xml file... but I'm still
having that one issue that I just posted about.. (problem when user is
deep in an app and the session times out and after the user now is
brought back to the login page and submits the user is returned to where
he left off, which errors out bc some stuff is missing in the sesion
that your normally get to by going through the steps).
On Thu, 2003-07-03 at 15:00, Rick Reumann wrote:
> On Thu, 2003-07-03 at 14:37, David Erickson wrote:
>
> > Thoughts, comments? Any other ways to do this?
>
> I like to subclass the RequestProcessor and over-ride the process
> method:
>
>
> public void process(HttpServletRequest request, HttpServletResponse
> response)
> throws IOException, ServletException {
>
> Here I do a simple check to make sure that there is a "UserBean" in
> session scope. If it is not then the are forwarded to the login Page
> which submits to the LoginAction and everything gets setup like you
> mentioned. Seems clean and simple to me.
>
> Only small problem is if later on way down the road the RequestProcessor
> changes in Struts.
>
> The other thing I like is just make sure the only way you can get
> anywhere is through an Action mapping /do/* or .do whatever. Then I have
> all my actions extend a BaseAction (BaseDispatchAction actually). In
> there I overwrite the execute method which does the same as in the
> over-ridden class above.
>
> This later idea is probably better but you just have to remember to make
> sure all your actions extend a BaseAction.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
