Struts action mappings also contain a role attribute. This role is checked against HttpServletRequest.isUserInRole.
Adam Samere <[EMAIL PROTECTED]> wrote: You can use the standard Servlet authorization/authentication mechanism, or use a Servlet filter, or use a custom ActionMappings class or common base Action subclass if you're bent on handling it within Struts. -Adam chamal desilva wrote: > Hi, > > How should we test wether a user has permission for an > action. Can we do it in action class or do we have to > do it in EJB tier. > > Thanking You, > Chamal. > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------- Do you Yahoo!? Next-gen email? Have it all with the all-new Yahoo! Mail Beta.
