Geoff Coffey wrote:
It seems like we need our authentication check and redirect (or forward) on the content page itself and not in an include, so Muffi created a taglib to encapsulate this check and that seems to be working. Is this a typical solution? It seems like a frustrating restriction to prevent redirects or forwards in includes. Does anybody know the reason for this limitation? Does anybody have a better way to accomplish what I'm describing?
I know a lot of people prefer container-managed authentication, but my own approach has been similar to yours. At first I tried doing the exact same thing, which is how I would have done it in my old language, PHP. But with servlets/JSP, I think a better way to do this (that works well for me) is to write a filter and map that filter to any sensitive URLs. The filter does the authentication check, and has the ability to perform the sendRedirect with no problems (unlike a runtime JSP include using <jsp:forward>).
Erik
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
