Johan is correct, you should use SecurePageLinks or other Links that
are protected to prevent users from ever seeing or clicking the link.
Maurice
On Feb 20, 2008 5:21 PM, Johan Compagner <[EMAIL PROTECTED]> wrote:
> Why do you get access denied pages a lot in your app?
> I would say a user shouldnt be abe to click on that link in the first
> place. Only maybe when he tampers with it. But if you have session
> pages that that shouldnt be a problem. (only bookmakrable pages where
> a user has to first login for)
>
>
> On 2/19/08, Warren <[EMAIL PROTECTED]> wrote:
> > Maurice,
> >
> > I was thinking about this "Access Denied" message problem I have been
> > working on and thought up some features that might be useful in future
> > releases. It would be nice to be able to configure "Access Denied" messages
> > directly into the hive like this:
> >
> > grant principal com.scanman.security.authorization.ScanManPrincipal "ScanMan
> > Receiving" "Principal Access Denied Message Here"
> > {
> > permission ${ComponentPermission} "${RecvMenu}", "inherit, render,
> > enable",
> > "Permission Access Denied Message Here";
> > };
> > grant principal com.scanman.security.authorization.ScanManPrincipal "ScanMan
> > Ordering" "Principal Access Denied Message Here"
> > {
> > permission ${ComponentPermission} "${OrderMenu}", "inherit, render,
> > enable", "Permission Access Denied Message Here";
> > };
> >
> > I believe you are following some kind of standard for how the hive is
> > set-up, so I am not sure this would work. But anyway, you could then set-up
> > the configuration of how these messages were used in the
> > SwarmWebApplication. For Example, put them into the error queue, or take
> > advantage of message resources, message keys and localization and so on. I
> > ended up putting these messages into the error queue from MySwarmStrategy
> > and it works great.
> >
> > I can't imagine that a feature like this would not be of some value to other
> > users. My app has a lot of different levels of security and permissions that
> > the Administrative user can configure within a separate "Point of Sale" app.
> > Messages of this sort are valuable to a user so that security levels and
> > permissions can be tweaked to best suit a companies policies. A simple
> > "Access Denied" message gives little clue as to why access was denied.
> >
> > That's my two cents. Thanks for all the help you have given me. Your project
> > surely deserves a lot of credit.
> >
> > Thanks,
> >
> > Warren Bell
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
