On Thu, 2003-07-03 at 15:27, Dolf Starreveld wrote:
> >
> How about deriving all your actions from a base class that checks if
> the requisite objects are in session, and if not, either puts them
> there, or forwards/redirects to a page which will cause them to be
> put there.
> If you prefer, you can of course also do this in a RequestProcessor subclass.
>
> I do the former and it works like a charm under any container (in my
> case Jetty and SecurityFilter).
he he that's exactly what I do do (see earlier post from a little while
ago:). I just wanted to give Container managed security a try since it
seems to be the rage these days:)
--
Rick
my post similar to yours was:
I like to subclass the RequestProcessor and over-ride the process
method:
public void process(HttpServletRequest request,
HttpServletResponse
response)
throws IOException, ServletException {
Here I do a simple check to make sure that there is a "UserBean" in
session scope. If it is not then the are forwarded to the login Page
which submits to the LoginAction and everything gets setup like you
mentioned. Seems clean and simple to me.
Only small problem is if later on way down the road the RequestProcessor
changes in Struts.
The other thing I like is just make sure the only way you can get
anywhere is through an Action mapping /do/* or .do whatever. Then I have
all my actions extend a BaseAction (BaseDispatchAction actually). In
there I overwrite the execute method which does the same as in the
over-ridden class above.
This later idea is probably better but you just have to remember to make
sure all your actions extend a BaseAction.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
