Hi Dave, You have more choices to do user authentication, depending on your application's need, your experience and determination :)
1. you can put it in every jsp but just think at the maintenance. Having to modify all those jsp for one little change is not that fun. 2. If you use struts you can check for user in every Action and depending on the result forward him to the proper page. This again is difficult to maintain if you have many Actions but it easy to do and understand 3. Extend RequestProcessor class so you can write your code in just one place. RequestProcessor is called before any Action. I don't have any link to example but I think someone here will help you with this ;) 4. Security constraints / container authentication, related to Tomcat as I understand is well documented on http://jakarta.apache.com/tomcat/ The advantage of this method, less code and centralized authentication. It seems to be the most used method around here 5. Filter authentication, similar in a way to container, the same advantages. Basic you create a class that does the authentication against database etc, and you modify web.xml file to direct all the requests by the filter. 6. A method I didn't try yet and don't know much about, use of a tag-lib on every jsp to do the authentication. These are the methods I found reading posts going back to 2001 in this mailing list. I use this link to search the mailing list: http://marc.theaimsgroup.com/?l=struts-user&r;=1&w;=2 HTH, Cezar > -----Original Message----- > From: David Thielen [mailto:[EMAIL PROTECTED] > Sent: Tuesday, August 26, 2003 4:16 PM > To: Struts-Users > Subject: login test in a jsp page - any suggestions > > Hi; > > I want to put a test in every jsp page to see if the user is logged in. And > if not, to forward them to login.jsp. Is there any way to do this other than > putting java code in my jsp? I'm hoping there is some struts system like > <html:check app="MyAction"/>. > > > (Yes, I can have everything be an action that does this test and then goes > to the jsp page - but in that case what if they type the path for the jsp > page directly?) > > thanks - dave > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
