Hi all, according to some conditions, the users must be enforced to change their passwords after they login. I am using Struts 1.3, hibernate and Tomcat. The scenario is as follows:
- when the password of the user is expired and he logs in, he is redirected to the change password action and form. all the main menu links are disabled (precisely, they redirected to the same change password action according to a common flag in the session) except the log out button or the save button of the change password form. - So far everything is ok, the problem occurs when the user gives a direct URL to a previously saved page in side the web-application. can anyone tell me how can prevent the user from going anywhere in the application if he did not change the password and save his changes? Thanks for any help in advance mohmans -- View this message in context: http://www.nabble.com/enforce-user-to-change-his-password-before-he-can-do-anything-tp24071648p24071648.html Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
