If the user is allowed to view the page, then no problem. If he is not.. then you should have some sessionid authentication and user role and privilige authentication in every page.
I think that's the only way of preventing a user to go to a restricted
page.
thanks
-raj
sriram
<[EMAIL PROTECTED] To: "'Struts Users Mailing
List'" <[EMAIL PROTECTED]>
h.com> cc:
Subject: Disallow user to modify URL
in browser address bar
22/08/2003 11:45
AM
Please respond to
"Struts Users
Mailing List"
How to identify if user has manipulated the URL in Address Bar of the
browser?
For ex., the application displays a page with the following URL:
http://localhost:8080/app/str/testview_srchpost.do
Now, the user modifies the URL in the address bard. Instead of
testview_srchpost.do, user types testtwoview_srchpost.do and clicks ENTER.
I want to restrict such types of URL modification Struts application. I
should take the user to a default access denied page when ever user does
such changes.
How to identify this action of the user? Pl. give some ideas.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
