We use this consept. The loginform is unsecured (not filtered). When trying to access a secured page with no session (this is checked by the filter), - the request is forwarded to the loginpage. After successfull logon, - you are sent to the originally selected page. If the logon fails,- you gets the errror, - i.e. logon failed...
Geir -----Opprinnelig melding----- Fra: Curtney Jacobs [mailto:[EMAIL PROTECTED]] Sendt: 10. januar 2003 16:19 Til: Struts Users Mailing List Emne: Security Filter and ActionForm Greetings!! I have a login ActionForm (LogInForm) and a associated login Action class (LogInAction). When the form is submitted, the request is intercepted by a Security Filter. The Security filter authenticates and perform necessary authorization checks on the user via a ldap server. If the user authentication fails, let say because of an invalid password, how can I use my ActionForm (LogInForm) to indicate this error to the user? I am aware that the Struts ActionForm and Action have not even been instantiated/intitialize, since the security filter intercepted the request. I have thought of setting an attribute in the request scope, for example, an "invalid flag" that the ActionForm validate method can check for. This will then trigger the display of the login form and asociated error message to the user. I am not sure if the above is good practice :( Any suggestions or comments will be much appreciated. Curtney Jacobs -- U-Interface.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
