On 1/19/06, David Thielen <[EMAIL PROTECTED]> wrote: > I thought there was a way to have an action class get called before a page > was rendered as well as when the form was submitted. Or something like that > - but it could be clearly tied to each jsp page.
That will happen automatically if you link to (for example) welcome.do rather than index.jsp. Most people force all requests to go through an Action, either by adding a security constraint on jsp pages or putting them under WEB-INF where the container is forbidden to serve them directly. Rather than try to control access to individual pages, though, I'd do it at the Action level. Is a user allowed to update, or only to view the information? > Is my memory off? (I know I had a system in some old code where each page > did a security check when it was going to be rendered and if the user was > not authorized, forwarded them to the home page.) Sounds reasonable to me. -- Wendy --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
