Re: design security issue

2004-06-09 Thread Harjot Narula
Sent: Wednesday, June 09, 2004 5:22 AM Subject: RE: design security issue > Well, you could do something as simple as setting a session attribute every > time an Action is called that stores what page was accessed, but before > doing that you check what value is there already and if i

RE: Fw: design security issue

2004-06-09 Thread Frank Zammetti
MAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Subject: Fw: design security issue Date: Wed, 9 Jun 2004 19:02:22 +0530 To implement a similar behaviour struts provides with the saveToken functionlaity. Look at it here http://www.scioworks.net

Fw: design security issue

2004-06-09 Thread Harjot Narula
lt;[EMAIL PROTECTED]> > Sent: Wednesday, June 09, 2004 5:22 AM > Subject: RE: design security issue > > > > Well, you could do something as simple as setting a session attribute > every > > time an Action is called that stores what page was accessed, but before > >

RE: design security issue

2004-06-08 Thread Sun Peng
JSP? Cai Peng -Original Message- From: Zhang, Larry (L.) [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 09, 2004 6:15 AM To: Struts Users Mailing List Subject: RE: design security issue Thank you Frank and Yuanbo, for the points. Our application is set up in SSL and password

RE: design security issue

2004-06-08 Thread Frank Zammetti
nd bypass that little check in the Actions. Frank From: "Zhang, Larry (L.)" <[EMAIL PROTECTED]> Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Subject: RE: design security issue Date: Tue

RE: design security issue

2004-06-08 Thread Zhang, Larry \(L.\)
one manage has a lot of employees so I want to make sure the data is not somehow messed up. Thanks. -Original Message- From: Frank Zammetti [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 08, 2004 5:41 PM To: [EMAIL PROTECTED] Subject: RE: design security issue Excellent point, thanks for

RE: design security issue

2004-06-08 Thread Frank Zammetti
Excellent point, thanks for adding it! Frank From: "Wang, Yuanbo" <[EMAIL PROTECTED]> Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Subject: RE: design security issue Date: Tue, 8 Jun

RE: design security issue

2004-06-08 Thread Wang, Yuanbo
ight be plenty. Frank >From: "Zhang, Larry (L.)" <[EMAIL PROTECTED]> >Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Subject: design security issue >Date: Tue, 8 Jun 2004 15:14:36 -0400 > >I have an web

RE: design security issue

2004-06-08 Thread Frank Zammetti
be plenty. Frank From: "Zhang, Larry (L.)" <[EMAIL PROTECTED]> Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: design security issue Date: Tue, 8 Jun 2004 15:14:36 -0400 I have an web application on which the manager can

design security issue

2004-06-08 Thread Zhang, Larry \(L.\)
I have an web application on which the manager can view his manage tree and select his employee for transactions (such as Perfromance Rating, putting on Leave of absence). Definitely it is very vital in this case to keep the security or make sure one data for one employee is submitted not for an