Hi,
You need to define a secruity constaint similar to the following in web
application. Once this done, container takes care of the two issues
transperantly.
Regards,
Raja Nagendra Kumar,
C.T.O,
www.tejasoft.com
<session-config>
<session-timeout>10</session-timeout>
<session-max>4096</session-max>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>HTMLManger and Manager command</web-resource-name>
<url-pattern>/jmxproxy/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Manager Application</realm-name>
</login-config>
<security-role>
<description>
The role that is required to log in to the Manager Application
</description>
<role-name>manager</role-name>
</security-role>
----- Original Message -----
From: "SrinivasaReddy" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <user@struts.apache.org>
Sent: Tuesday, September 19, 2006 9:37 AM
Subject: Web Application Security -- Help needed
HI All..,
I am developing the Application in Struts+Hibernate, it is an Web
Application.I need to apply the security for this applicaiton like
--> If Session Timeout over that should redirect to Login page
--> After login if we copy the url and open it in new browser, that should
redirect to login page
Which type of security i need to apply for this...
Here all pages are secure pages only.
we are using the Sturts tiles to develop the application...
Thanks for any help..
Regards
Srinivasa Reddy
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
