> If you anticipate having the complexity of a full ACL implementation, I'd > just go ahead and use AceGI; why re-invent all that machinery? If you decide > to roll your own, though, then the interceptor can access the action through > the ActionInvocation object and, through the action, can access your POJO > via whatever mechanism you want -- via ModelDriven's getModel() method, > through an interceptor-specific interface you design, or whatever.
my idea is to make a class that extend Action so, if I extend this action, the action will query and get security permission from database.. because i prefer database driven .. but i thinking a interceptor, but new in this area, i prefer a pattern that filter any action but.. i am loking also in AOP of spring or may be a HTTPFilter mechanism (still dont know, how to implement Struts2 based in the httpfilter) F
