Question #1: What security are you using? I am assuming container managed. If so, then you can use the programmatic standard of request.isUserInRole(String role). To find out user or principal identification you can use the request.getRemoteUser() and request.getUserPrincipal(). Another plan is to store a user bean into the session and draw info from when needed.
Quesiton #2" The only way that I know how you would accomplish (or even come close to) an auto logout when someone leaves the site would be to keep a request scope boolean passed in every request. If the boolean is absent from a particular request then a login is required. The best way you could do this would probably be to extend you base Action class and enclude a method that looks for a request scope value. If the value isn't there then you invalidate the session and require a login. This would require that you include a call to your extended method in every action class. Brandon Goodin Phase Web and Multimedia P (406) 862-2245 F (406) 862-0354 [EMAIL PROTECTED] http://www.phase.ws -----Original Message----- From: vivek shrivastava [mailto:[EMAIL PROTECTED]] Sent: Sunday, April 28, 2002 10:14 PM To: [EMAIL PROTECTED] Subject: Preserving Login Information HI, First of i would like to say to all of you that this is my first web application and i am using struts. I have question about "Preserving Loginn Information" or "Passing Authentication Information to all other pages". Q1. once a user has logged in, and we have confirmed that the loging is correct, How do we keep track this information for all future user request that we have validate this user and this is a valid user. what is the best and way to achieve this task? Q2. Once user leave the application , lets say user opens yahoo.com without clicking on logout link on the application. how can we prompt user for login/password, if he/she try to use application using "Back" button? If someone can help me or point me to a example where i can see how do we solve or implement both the problem? please do help me because i have to build this application and give a demo ASAP ( not fully but loging part). waiting for help and thanks for help. vivek _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
