What I want is to implement a security policy where all pages of the
application can only be accessed through the login page. i.e. If the
user logs in the application and copies the url in another browser and
tries to access that page, he should be redirected to the login page.
Any suggestion?
regards,
Pankaj
Paul Benedict wrote:
Panak, how are the menu items going to communicate to your
application which item was selected? Obviously, by incoking
an Action; if the menu items can invoke the Action, so can a user.
There is no such thing as security in this case.
However, if you're asking if you can prevent the JSP files
from being directly accesses, put them under WEB-INF and have
your Actions forward to them. The user will not be able to go
to your JSP pages directly, but only through an Action; but
here too the user can access any Action.
When you build a menus, use the <logic roles=""> tag to
determine if the user is in some role.
-- Paul
--- Pankaj Gupta <[EMAIL PROTECTED]> wrote:
Hi All,
I am new to struts and have a basic question. I am making an application
and I want that all the pages should be accessed through the menu items
only.i.e. if a user copies the url in the browser the page should not
get loaded. How can I enforce such a security?
Another question is how can I selectively disable some menus based on
login roles?
regards,
Pankaj
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
