A couple more notes on this. Rickard Öberg wrote:
The above is of course not scalable, since creating a set of proxies for *each invocation* will make the GC go crazy. Since they're typically stateless (like servlet filters) it's also just a bad idea.--- Action getAction(String name) { return new SecureAction(new ChainAction(new FooAction())); }
So, they need to be stateless, but then there's a need for an Invocation abstraction which will hold the request-specific chain and target action:
public class SecureAction
implements ActionInterceptor
{
public String execute(Invocation inv)
throws Exception
{
// Do security check
if (!isAllowedToAccess(getUser(), inv.getActionName()))
return UNAUTHORIZED;
// Delegate to next
return inv.next();
}
}
---
This is both easy to implement and performs well.
/Rickard
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork