I am using the below code to check for the presence of session attributes for security. Are there any issues I may be overlooking by doing it this way?
TIA, Jason //#################################################### // Default spgAction class //#################################################### package spg.logic; import com.clarify.cbo.*; import org.apache.struts.action.*; import org.apache.struts.actions.*; import javax.servlet.http.*; public class spgAction extends Action { public ActionForward execute (ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { HttpSession session = request.getSession(); Session ClfySession = (Session)session.getAttribute("ClfySession"); com.clarify.cbo.FormContext ClfyFormContext_S = (com.clarify.cbo.FormContext) session.getAttribute("ClfyFormContext_S"); if ( ClfySession == null || ClfyFormContext_S == null) { return(mapping.findForward("login")); } else return super.execute(mapping, form, request, response); } } --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]