Didier Dubois wrote:
> Depending on the user name (actually his role), I redirect the user to
> one page or an other.
> Any idea?
Hmmm... In the current model, you should write your own session validator
action, that will have the functionality of AcceessControler action
(set up the ACL) and then redirects the user, according to the role.
You would use a do-nothing AccessControler action then.
I think that we could have SessionValidator and AccessControler in reverse
order in Turbine.doGet, but I can be missing something important here.
I'd like someone more experineced to explain why is it done this way.
If they were reversed, you would have to override SessionValidator action
only to do the redirect.
Another thing - the security system is really unstable at the moment!
I try hard no to break working code, but there are some issues that
will change. For example, when using LDAP for storing user information,
you should no longer depend on User.getId() method. Therer are no
numerical ids in LDAP, everything depends on unique DNs
(distinguished names). Of course the getId() method stays, but it will
work only with DB backend.
Rafal
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
