On Wed, 26 Jan 2005 10:28:49 -0500, ckl <[EMAIL PROTECTED]> wrote: > I am migrating to Struts from an existing webapp. One of the issues with the > old architecture was managing the flow control logic. Currently we track in > the session which flow and page the user is on. To enforce flow control each > Servlet method must check the session to see if the flow and page are valid > for input to that method. Needless to say this is a maintenance headache, > obfuscates the flow and doesn't stand up well against the latest "great > idea" from the marketing folks ;) > > First am I using the right vocabulary to describe the problem? If not stop > here, the rest of my question is wrong. > > I have read two books (Struts in Action and Pro Jakarta Struts), read the > users guide, developed a pilot-app and searched google. The only real > resource I found on the matter was > http://www.javaworld.com/javatips/jw-javatip136_p.html. Which despite the > promising title is really only about double submit protection. > > Assuming I didn't miss the boat on how to do this ... The best I could come > up with is to create my own "Flow Control" plugin which would read a config > file that would specify the flow. This plugin would then intercept all > requests to actions and validate them against the valid set of actions that > could be executed give the specific user's flow and page position. > > Am I reinventing the wheel? Other thoughts on how to do this? Thanks for > your time.
Someone already mentioned struts workflow, and using the token as a way to make sure that someone is coming from the right place. In addition you have OSWorkflow, which is probably a bit more complex then you really need. Rather then a plugin I would consider a filter as well. > > -Kam > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- James A Barrows --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
