Why not protect your "view tier" behind WEB-INF/ ? You can not reach directly your web-tier. You must execute an action to forward to the view tier. Cheers. Richard.
-----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] la part de Samuel Mota Envoyé : jeudi 30 octobre 2003 17:36 À : [EMAIL PROTECTED] Objet : [OS-webwork] Security Filter Hi, I've heard once that someone have done a security filter (Servlet filter - not webwork related) to stop users from entering the view tier directly (jsp, vm, etc.). I'm already doing a security check with an interceptor and the actions are secured .... but I'd like to use a filter to the view tier, my problem is that the user information is stored at the session as a webwork component and I'm not able to recover this object from the session at the filter. Any idea? thanks + Samuel G. Mota + [EMAIL PROTECTED] + 55 (11) 4417 7093 + Business Application Dpt. + Netset Serviços em Tecnologia + a Hypercom Company + http://www.hypercom.com ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Opensymphony-webwork mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Opensymphony-webwork mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork
