At 11:53 PM 30/05/01 -0700, you wrote: >A good way of removing the bucketloads :-} from your Action classes is to >subclass ActionServlet and implement processActionPerform to do the logon >check. It's not just for login though, that was the example I used, every action that generates a form needs to do this. Mostly it is checking against URL hacking. -- Kumera - a new Open Source Content Management System for small to medium web sites written in Perl and using XML http://www.cyber4.org/kumera/index.html
- Re: Potential Security Flaw in Struts MVC Bryan Field-Elliot
- Re: Potential Security Flaw in Struts MVC Jeff Trent
- Re: Potential Security Flaw in Struts MVC Bryan Field-Elliot
- Re: Potential Security Flaw in Struts MVC Jeff Trent
- Re: Potential Security Flaw in Struts... Bryan Field-Elliot
- RE: Potential Security Flaw in Struts... Deadman, Hal
- Re: Potential Security Flaw in Struts... Craig R. McClanahan
- Re: Potential Security Flaw in S... Jeff Trent
- Re: Potential Security Flaw ... Jim Richards
- Re: Potential Security Flaw ... Martin Cooper
- Re: Potential Security Flaw ... Jim Richards
- Re: Potential Security Flaw in Struts MVC Martin Duffy
- RE: Potential Security Flaw in Struts MVC Anthony Martin
- Re: Potential Security Flaw in Struts MVC Jeff Trent
- Re: Potential Security Flaw in Struts MVC David Winterfeldt
- Re: Potential Security Flaw in Struts MVC Calvin Yu
- Re: Potential Security Flaw in Struts... Ted Husted
- Re: Potential Security Flaw in S... Calvin Yu
- Re: Potential Security Flaw in Struts MVC Peter Alfors
- Re: Potential Security Flaw in Struts MVC Jeff Trent
- Re: Potential Security Flaw in Struts... Peter Alfors
