Hi I am going to use custom tags for checking access to Jsp, if no user/bean bean in session, then direct to login page.
And I am also going to check admin bean again in Action before invoking life cycle methods on business beans. Now am I over kill with authentication?? I mean, if all JSP pages that require user/admin access has custom tag that check for access at top, then i don't really need to check for authentication in Action classess. But it may also be good practice to double check for whatever reason. Just curious what's the usual practice u ppl do. Thanks --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]