have a user bean, and then session.setAttribute("user", userBean);
do session.getAttribute("user") and validate before processing every request. Quoting Raditha Dissanayake <[EMAIL PROTECTED]>: > Last time i read the j2ee api i didn't notice anything about storing > admin/user staus in the HttpSession object. > Anyway like i said if you read the manual and SFTA you would have found > the answers. > > ajay wrote: > > >hi! > > > >well i do have a MySQL database. The scenario is this, i dont want to use > >cookies or do any URL rewriting. > >i'm looking for something that mirrors J2EE's Session object that contains > >information about the user, their security level(user/admin etc) and this > >information can then be verified before each request. There would ofcourse > be an > >expiry on the object. Is there a prewritten framework/class to handle this? > > > >thanks > > > >regards > > > > > > > > > -- > Raditha Dissanayake. > ------------------------------------------------------------------------ > http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload > Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader > Graphical User Inteface. Just 150 KB | with progress bar. > > > -- ajay --------------- Who Dares Wins ------------------------------------------------- This mail sent through IMP: www-mail.usyd.edu.au -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php