I use a LoginFilter (not an interceptor, for the reasons you pointed out). The filter can take some patterns for paths to ignore (like the login action, login page, .css files, etc) and then be applied to /*. My Login action authenticates the user and then puts a token in the session to indicate he is logged in.
-Pat ----- Original Message ----- From: "Bernardinus" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, June 01, 2003 8:40 PM Subject: [OS-webwork] LoginAction question > Hi all, > > Suppose that I want to protect my web app with custom login, so that every > request to the web-app's resources are intercepted and validated (custom). > Login validation will re-direct user to appropriate resources. In WW-2, how > do I do that? > My first thought is to employ Servlet Filter to intercept all requests. > Alternative is to employ login interceptor, however as my understanding of > it, interceptors works on action based requests. That is if I have <ww:form > action="...">....</ww:form> or calling <www:action ..../> tag. No? > What if I want to prevent static resource (such as jsp page which has a link > to another action-ed page) from being accessed without proper access code? > That is to prevent user typing directly the url of the jsp page (static in > this case). And no, putting the web resources under WEB-INF dir is not an > option here. > > So, how would you guys implement such logic? Any advice is highly > appreciated. > > thanks, > /bernard > > > > > ------------------------------------------------------- > This SF.net email is sponsored by: eBay > Get office equipment for less on eBay! > http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 > _______________________________________________ > Opensymphony-webwork mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork ------------------------------------------------------- This SF.net email is sponsored by: eBay Get office equipment for less on eBay! http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 _______________________________________________ Opensymphony-webwork mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork
