Thank Aladin,
I'm Alibaba :D,
So, the first thing I want to say here I don't know exactly how to use <security-constraint>, maybe syntax.
the second is I mean that, I don't want User do my action by typing my action path directly on address bar, such as http://www.myweb/user/useraction.do, but I allow User do my action by clicking on certain link on webpage, such as <html:link page="/user/useraction.do">do</html:link>
any solution :(
Anh Tuan
----- Original Message ----- From: "Aladin Alaily" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <user@struts.apache.org>
Sent: Thursday, May 19, 2005 9:49 AM
Subject: Re: Fw: [HELP] How to restrict access to certain mapping action ???
Hi Pham,
I think this was mentioned earlier. There are two things you can do:
1) Use a filter with a url-map to your action
2) Use security constraints
Aladin
Pham Anh Tuan wrote:
Hi all,
This is the second time I post this message for help :(.
I don't know how to restrict access to certain mapping action?
Ex: I have action: /user/myaction.do and I don't want user directly access to above action.
Could I use web.xml to solve this problem.
something like:
<security-constraint>
<web-resource-collection>
<web-resource-name>
Restrict access to JSP pages
</web-resource-name>
<url-pattern>*.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>
With no roles defined, no access granted
</description>
</auth-constraint>
</security-constraint>
Thanks for ur reading.
Anh Tuan
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
