Implementing the ParameterNameAware interface with white/black list seems the best solution. Thanks, J.
On Wed, Jul 4, 2012 at 3:51 PM, Dave Newton <davelnew...@gmail.com> wrote: > Then whitelist/blacklist. > > Or don't expose sensitive data directly to the user. > > Dave > > (pardon brevity, typos, and top-quoting; on cell) > On Jul 4, 2012 8:49 AM, "J. Garcia" <jogaco...@gmail.com> wrote: > > > My action would have: > > > > public void setMyBean( MyBean myBean) {...} > > > > and I would like to avoid an injection on myBean.field3. This field could > > be the owner id for instance! > > > > On Wed, Jul 4, 2012 at 3:34 PM, Łukasz Lenart > > <lukasz.len...@googlemail.com>wrote: > > > > > Another way is to use AnnotationParameterFilterIntereptor (name > > > contains typo) and @Allowed and @Blocked annotations > > > > > > > > > Regards > > > -- > > > Łukasz > > > mobile +48 606 323 122 http://www.lenart.org.pl/ > > > Warszawa JUG conference - Confitura http://confitura.pl/ > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > > > For additional commands, e-mail: user-h...@struts.apache.org > > > > > > > > >