Ex in web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure</web-resource-name>
<url-pattern>/do/loginPg/*</url-pattern>
<url-pattern>/do/newsBlgCmntAddPg/*</url-pattern>
<url-pattern>/do/userChngPg/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>VALID</role-name>
<role-name>ENHANCED</role-name>
<role-name>GUEST</role-name>
<role-name>EXPIRED</role-name>
<role-name>ADMIN</role-name> </auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint><login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/sLogin/login.jsp</form-login-page>
<form-error-page>/sLogin/loginBad.jsp</form-error-page>
</form-login-config>
</login-config>Rob van Oostrum wrote:
This might be more involved than you may think. The easy answer is to extend the RequestProcessor and add this functionality there. The hard answer is that you may not want to enable a user to just jump to any given page, only having to go through a login step to get there. You may very well need session data that gets built up in the course of a user session (think of multi-page forms and such). And yes I think this should on some level be part of Struts. It's too common for it not to be ...
just my .02 Rob
-----Original Message----- From: Craig Edwards [mailto:[EMAIL PROTECTED] Sent: November 14, 2003 10:12 PM To: [EMAIL PROTECTED] Subject: Redirecting after logon...
Some of my pages need the user to be logged on before they can be viewed, so I have cobbled together some simple behaviour in my Action superclass that forwards them to a logon page. Now, I need to send them back to where they were originally trying to go before I redirected them to logon. I have a couple of questions banging around in my head:
1. Should this redirection be performed by my RequestProcessor class or by my Action superclass?
2. After they have logged on (in LogonAction), I need to return an ActionForward object that takes them back to where they were trying to go originally before I forced them to logon. However, I don't know how to construct an ActionForward that contains everything it needs (for example, what if their original request was a POST containing FORM data, or was a URL like "/action/blah?id=123&a=b&c=d"... I want to preserve and forward this info.)
3. I would have thought that nearly every web app would need this behaviour, but both my struts textbooks give mickey-mouse examples, and I can't find anything on the web that looks remotely like a real-world example. Does anyone know of any real examples or advice that they would care to share?
Many thanks...
-- Craig Edwards Sydney, Australia
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- Victor Cekvenich, Struts Instructor (215) 321-9146
Advanced Struts Training <http://basebeans.com/do/cmsPg?content=TRAINING> Server Side Java training with Rich UI, mentoring, designs, samples and project recovery in North East. Simple best practice basic Portal, a Struts CMS, Membership, Forums, Shopping and Credit processing, <http://basicportal.com> software, ready to develop/customize; requires a db to run.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
