Hi, I have a struts application that requires authentication. I currently use JDBCRealm for this but because of a series of work-arounds I think I must use, I'm looking for a better method. Here are my kludges:
1) Default forwarding in an action just does a forward, so if my original action doesn't need authentication, but forwards to a jsp page that does, the URL doesn't change so the page bypasses authentication. In order to get around this, I added the init-param forward in my ActionServlet mapping to use the RedirectingActionForward class. This works, but leads to my next problem... 2) Using RedirectionActionForward, all my actions that have errors and stay on the current page have their values erased if I use request scope. Therefore, all my pages have to use session scope to reuse previously entered values. 3) I have a registration screen which automatically logs in the user. In order to do this, I save the username/password in a session object. On my login page, I check if this object exists and if so set these values as a couple of hidden fields and automatically submit. I'm somewhat of a struts newbie so I feel like I'm probably missing the cleaner solution(s). If anyone has any thoughts, I would appreciate hearing them. Regards, Brad __________________________________________________ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
