> When I talked the use of the redirect to /someAction.do, it > doesn't imply it is protected by the security constraints. > Normal pratice of the MVC model is that most of JSP pages should be > protected while actions should not. Because actions have internal > logics to perform security checking, that is a common sense > (If you protect all of your actions, /*.do, how > do your end users submit web forms? :-)
It does imply that when the original question was not about different security methods. I assumed that as the question was not about security then the action would be protected in the same way as the jsp otherwise the discussion, in the context of redirection, is meaningless. I could equally ask why you don't just programme the whole thing in Fortran, but that would be equally tangential to the original question :-) Steve --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
