Sorry all if you're receiving this twice. I sent this to [EMAIL PROTECTED] originally. Not sure which is more appropriate.
------------------------------
Hello All. Thanks in advance for your help.
I'm trying to implement Application controlled security in conjunction with the <security-constraint> option in web.xml.
Here's what I got.
web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/secure/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginError.jsp</form-error-page>
</form-login-config>
</login-config>
struts-config.xml:
<form-beans>
<form-bean name="LoginForm" type="forms.LoginForm"/>
</form-beans>
...
<action
path="/Login"
type="actions.LoginAction"
name="LoginForm"
scope="request"
validate="true"
input="/login.jsp">
</action>
The LoginAction class takes care of authentication using the values in LoginForm successfully. My question is, if the user request something with /secure in it's path, for example, /secure/page1, how do I forward to the originally requested page after the user is authenticated successfully. Normally I would return an ActionForward object that forwards to the requested page, but I'm not sure how to figure out what the requested page is from within the LoginAction object.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
