Just put the login page outside the protection of the filter to prevent the filter from denying access to the login page.
David
From: Mohan Radhakrishnan <[EMAIL PROTECTED]>
Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
To: Struts Users Mailing List <[EMAIL PROTECTED]>
Subject: Login filter
Date: Tue, 24 Dec 2002 14:09:03 +0530
Hi,
I wanted to clear a doubt about this. Do I remove the conventional login
check from my LoginAction to the filter ? That seems to be the right way to
use a filter.
1. Check for the user container( username,password object ) in the
session.
2. Call the isNew() method of the session.
The first method might be like this.
session = req.getSession( true );
if( session.getAttribute( WebConstants.USER_KEY ) == null ){
session.getServletContext().getRequestDispatcher("login.action");
} else{
chain.doFilter( req, response );
}
What about the second method ? I need to restrict the login action from
being filtered itself. Any advice is appreciated.
Thanks,
Mohan
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
_________________________________________________________________
MSN 8 limited-time offer: Join now and get 3 months FREE*. http://join.msn.com/?page=dept/dialup&xAPID=42&PS=47575&PI=7324&DI=7474&SU= http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_newmsn8ishere_3mf
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
