Aladin Alaily wrote:
Hi Pham,
I think this was mentioned earlier. There are two things you can do:
1) Use a filter with a url-map to your action
2) Use security constraints
Aladin
Pham Anh Tuan wrote:
Hi all,
This is the second time I post this message for help :(.
I don't know how to restrict access to certain mapping action?
Ex:
I have action: /user/myaction.do
and I don't want user directly access to above action.
Could I use web.xml to solve this problem.
something like:
<security-constraint>
<web-resource-collection>
<web-resource-name>
Restrict access to JSP pages
</web-resource-name>
<url-pattern>*.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>
With no roles defined, no access granted
</description>
</auth-constraint>
</security-constraint>
Thanks for ur reading.
Anh Tuan
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
You can use role parameter in action mapping
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
