on 9/21/2000 3:07 AM, "Rafal Krzewski" <[EMAIL PROTECTED]> wrote:
> I think that we could have SessionValidator and AccessControler in reverse
> order in Turbine.doGet, but I can be missing something important here.
> I'd like someone more experineced to explain why is it done this way.
It has to be that way because you can't assume that someone has a valid
session before they are given the login screen.
Imagine it working like this:
User gets an email that has a link to something like this:
http://www.foo.com/servlet/Turbine/template/Foo.wm
Assume that Foo.java requires login first before seeing the contents of the
page. Then, what you have to do is end up showing the Login.wm screen before
the Foo.wm screen. Problem is that you don't have a valid session first.
I hope that makes some sense...it is that way on purpose and has been that
way for about 2+ years now.
thanks,
-jon
--
http://scarab.tigris.org/ | http://noodle.tigris.org/
http://java.apache.org/ | http://java.apache.org/turbine/
http://www.working-dogs.com/ | http://jakarta.apache.org/velocity/
http://www.collab.net/ | http://www.sourcexchange.com/
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
