You should check the authentication all by yourself in your action.
Stephane Cosmeur wrote:
Hello struts users I have a really basic security problem and i would like to know what is the best practice to resolve it. I have an application with an authentification system and diffrent rights for diffrent type of user. To add or remove a link/fonctionnality, we simply declarate the element in a <s:if test=..> balise. But the problem is the actions are still available by typing URL in bar address. How can i fix it ? Regards,
--------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
