Struts and web browser already verified it for you. The whole point of
establishing a session is to correlate a browser to the server.
Browser already sends a cookie containing session ID to the server
along with each request. So as long as you can retrieve the user
object from the session, corresp
the DB and use the session thereafter.
Al
-Original Message-
From: Yan Hu [mailto:[EMAIL PROTECTED]
Sent: Monday, April 18, 2005 8:46 PM
To: Struts Users Mailing List; Daniel Watrous
Subject: Identify users
Hi:
I have a question.I need to check if a user is the one who has
permission
Hi:
I have a question.I need to check if a user is the one who has permission
to a certain action.
His role is stored in the database, for example user.isStudent. The whole
student object is
stored in the session after he logs in successfully . From that point on,
every time he sends a
3 matches
Mail list logo
