Hi I'm a Stripes newbie, please forgive me if this is a dumb question :)
I need to protect various screens of an administration backend, i.e a user has to be logged in in order to see the screens, otherwise, it will be returned to a login page. When the login is successfull, a User object is stored into a session. I've tried the SecurityInterceptor available at http://www.stripesframework.org/display/stripes/Intercept+Execution, however I've ran into a problem because this interceptor also intercepts the LoginActionBean I use to log the user in, obviously it will fail because the user is set into the session inside a LoginActionBean event : the only solution I've found so far is to do the following in the interceptor to bypass the security check around the login bean : if(ctx.getActionBean() instanceof LoginActionBean){return resolution;} However, this does not "feel" right ; when I see an instanceof I usually ask myself if this is the best scenario. Is my instanceof check the correct way to avoid protecting the login action bean itself ? Thanks ! laurent -- <a href="http://in-pocket.blogspot.com";>http://in-pocket.blogspot.com - Mobile world, technology and more</a> ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Stripes-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/stripes-users
