----- Original Message ----- From: "Steve Raeburn" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Saturday, June 28, 2003 9:45 PM Subject: RE: Sending a Redirect Directly from an Action Class
> > > -----Original Message----- > > From: Jing Zhou [mailto:[EMAIL PROTECTED] > > Sent: June 28, 2003 3:46 PM > > To: Struts Users Mailing List; [EMAIL PROTECTED] > > Subject: Re: Sending a Redirect Directly from an Action Class > > > > > If you means the new redirected request to the page /somePage.jsp is > > subject to container managed security because a custom action in the page > > perform the security checking, that is not called container manager > > security. > > It is the old Model 1 things. > > > > Nope. I mean container managed security, defined in web.xml If you mean the page /somePage.jsp can be put under a security constraint in web.xml and you can redirect to it, that is not going to work in theory. This is the original point why the page can not be protected by the security constraint when the method response.sendRedirect("/somePage.jsp") is called and the call response.sendRedirect("/someAction.do") is one of solutions to it. > > > > > It is a good example. I did heard some customers mentioned it somewhere. > > But displaying *right* URL on the address bar is a more client issue. > > Has any body tried to use Java scripts to change the URL to a desired > > string? For me, I just turn off the address bar. Of course, it is not a > > general solution to it. Any other examples? > > > > Javascript and hiding the address bar are unneccesary, inelegant and are > easily broken. By using a redirect you don't need to resort to such tactics. > I don't think anyone has ever suggested that redirects should not be used. > They're just another tool in the box. You use it as you *need* it, not because it is another tool in the box. What I am searching for is some compelling business requirements that the redirect within a web application is *really* necessary. I hope some one could provide more hints. > > Steve > > Jing > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
