Container managed security will do this for you (though it has some drawbacks). If you don't need the advantages of container managed auth (such as automatic propogation of credentials to EJBs) then you should consider filters to implement this. Filters are a relatively recent servlet feature - I'd probably disregard posts from 2001.
I believe there is a package called security-filter which does lots of this kind of thing for you. Search the archives - I've posted a few times on this subject in the last few months, there is some useful advice & pointers in those threads. Paul > -----Original Message----- > From: Paul Daniell [mailto:[EMAIL PROTECTED] > Sent: 2005/09/05 00:11 > To: user@struts.apache.org > Subject: Injecting actions globally > > > I have an application which has some actions which require > authentication and some which do not. When moving between a page that > doesn't require authentication to one that does, I'd like to > "inject" a > login form page. Upon authentication, a session identifier is > placed in > a client-side cookie. Subsequently I'd like to return the user to the > original, requested action. > > Is there a standard pattern to do this in Struts 1.2? I found this > response from Craig M. ( > http://www.mail-archive.com/struts-user@jakarta.apache.org/msg > 01812.html ) > from January 2001, which suggests that in Struts 1.0 you ought to > subclass ActionServlet. But he also says that future versions might > alter this behavior. Is this still the standard way to get such > behavior. Perhaps I am being overly academic, but it seems like > modifying the ActionServlet means penetrating deep into the > framework to > do work that ought to be able to accomplished merely through > actionmappings and forwards. > > Any suggestions are sincerely appreciated, > Paul > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Axios Email Confidentiality Footer Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message, and notify us immediately. If you or your employer does not consent to Internet email messages of this kind, please advise us immediately. Opinions, conclusions and other information expressed in this message are not given or endorsed by my Company or employer unless otherwise indicated by an authorised representative independent of this message. WARNING: While Axios Systems Ltd takes steps to prevent computer viruses from being transmitted via electronic mail attachments we cannot guarantee that attachments do not contain computer virus code. You are therefore strongly advised to undertake anti virus checks prior to accessing the attachment to this electronic mail. Axios Systems Ltd grants no warranties regarding performance use or quality of any attachment and undertakes no liability for loss or damage howsoever caused. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
