Re: Sending a Redirect Directly from an Action Class

Sat, 28 Jun 2003 10:27:33 -0700 

I have the following concerns whenever the redirect is used:

* The statement response.sendRedirect("/somePage.jsp")
   will bind the codes statically to the underlying file system
   structures. So if someone moves the somePage.jsp to
   a different location, the codes are broken.

* The JSP page somePage.jsp could not be protected
   by the standard security constraints. So it is recommended
   to use response.sendRedirect("/someAction.do") or
   a Filter, either way that provides security checking.
   Improper use of the redirect could make the security
   constraints over complicated as in an early discussion on
   how we redirect to restricted pages.

* Use the redirect only when it is really needed. It needs 
   extra CPU time and network resources than just forward.

Regarding to the last concern, I have a question: what
business requirements that need the redirect within
a web application? Using the redirect across web
applications or web sites is reasonable as well as when
we dynamically build hyper links.

A delay at client side? Any more ideas?

Jing
Netspread Carrier
http://www.netspread.com

----- Original Message ----- 
From: "Mike Duffy" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, June 28, 2003 11:27 AM
Subject: Sending a Redirect Directly from an Action Class


> What are your thoughts on sending a redirect directly from an Action
> class:
> 
> response.sendRedirect("/somePage.jsp?");  
> return null;
> 
> There is a setRedirect(boolean redirect) in the ActionForward class
> that could be used for the same purpose (with a few extra lines of
> code and an entry in the strutsconfig.xml).
> 
> Thanks.
> 
> Mike
> 
> 
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! DSL - Now only $29.95 per month!
> http://sbc.yahoo.com
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to