hi,
you can do like this:
String myReferer = request.getHeader("Referer");
if myReferer is nul this means the request was by tiping the addres in
the addres bar. if it's not null mean the user click on a link on last
page in the browser and myReferer is the url of this page. for a full
description of this look for http description at header field
definition. i don't have a link on web for this but i think you can
find easy with google.
i hope this solve your problem.
Catalin
On 5/19/05, Pham Anh Tuan <[EMAIL PROTECTED]> wrote:
> Thank Aladin,
>
> I'm Alibaba :D,
>
> So, the first thing I want to say here I don't know exactly how to use
> <security-constraint>, maybe syntax.
>
> the second is I mean that, I don't want User do my action by typing my
> action path directly on address bar, such as
> http://www.myweb/user/useraction.do, but I allow User do my action by
> clicking on certain link on webpage, such as <html:link
> page="/user/useraction.do">do</html:link>
>
> any solution :(
>
> Anh Tuan
> ----- Original Message -----
> From: "Aladin Alaily" <[EMAIL PROTECTED]>
> To: "Struts Users Mailing List" <user@struts.apache.org>
> Sent: Thursday, May 19, 2005 9:49 AM
> Subject: Re: Fw: [HELP] How to restrict access to certain mapping action ???
>
>
> > Hi Pham,
> >
> > I think this was mentioned earlier. There are two things you can do:
> >
> > 1) Use a filter with a url-map to your action
> >
> > 2) Use security constraints
> >
> > Aladin
> >
> >
> >
> > Pham Anh Tuan wrote:
> >>
> >> Hi all,
> >>
> >> This is the second time I post this message for help :(.
> >>
> >> I don't know how to restrict access to certain mapping action?
> >>
> >> Ex:
> >> I have action: /user/myaction.do
> >> and I don't want user directly access to above action.
> >>
> >> Could I use web.xml to solve this problem.
> >>
> >> something like:
> >>
> >> <security-constraint>
> >>
> >> <web-resource-collection>
> >>
> >> <web-resource-name>
> >>
> >> Restrict access to JSP pages
> >>
> >> </web-resource-name>
> >>
> >> <url-pattern>*.jsp</url-pattern>
> >>
> >> </web-resource-collection>
> >>
> >> <auth-constraint>
> >>
> >> <description>
> >>
> >> With no roles defined, no access granted
> >>
> >> </description>
> >>
> >> </auth-constraint>
> >>
> >> </security-constraint>
> >>
> >> Thanks for ur reading.
> >>
> >> Anh Tuan
> >>
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >>
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
