Hi
The following is the strategy I use. It may help. It may
also be bad practice so feedback welcome.
I am writing a simple app right now that only checks whether user
is logged in as ordinary user or admin. I use an utility class
UserUtil.java that has static methods for other Action to call.
import javax.servlet.http.HttpSession;
public class UserUtil {
// A returned 'null' User means user not logged in
public static User getUser( HttpSession session ) {
User user = null;
Object obj = session.getAttribute( Constants.USER_KEY );
if ( obj != null )
user = (User)obj;
return user;
}
// A returned 'null' User means user not an admin
public static User getAdmin( HttpSession session ) {
User admin = null;
Object obj = session.getAttribute( Constants.ADMIN );
if ( obj != null )
admin = (User)obj;
return admin;
}
}
Regards
----- Original Message -----
From: "Leandro Melo" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
Sent: Friday, August 20, 2004 1:20 AM
Subject: Re: Security - From tradition to struts
> Thank you very much for your time Erik, i'll try to
> get some study around it!!!
>
> I don't know if it's possible (probably not, i
> know...) , but if you could send me your LogonAction
> class (and associated stuff) would awsome! But i you
> can't, that's allrigth, i completely understand!
>
> Regards,
> Leandro.
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
