hello all,
I am attempting to write an Authentication Filter (Servlet Filter) for my Stuts App.
It is pretty simple so far. it just checks to see if a User has Authenticated yet
(from the session), and if not calls sendRedirect on the response. code and xml
below....
public void doFilter...
...
HttpSession session = request.getSession();
if(!SecurityManager.isUserAuthenticated(session))
response.sendRedirect("login.do");
else
chain.doFilter(request, response);
<filter>
<filter-name>authenticationFilter</filter-name>
<filter-class>AuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>authenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
my question, is how i can give the filter a list of pages that are unathenticated.
and to entend that idea, a list of pages that can only be authenticated by an admin.
i have seen that the FilterConfig can be used to get init parameters, but these only
seem to be single values. not a list of potential URLs.... does any one have a
solution to this problem?
thanks,
mark
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
