forrest-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Brondsema <d...@brondsema.net>
Subject Re: Adding authorization on some pages
Date Wed, 21 Apr 2004 13:17:40 GMT
Mikael Sitruk wrote:
> Hi
> 
> I would like to add authorization on some pages, for example when
> someone will click "download" link or the "internal resource" page, the
> user will be able to get these link/pages only if he is authorized to.
> If not, the user will be redirected to the login page or an error page.
> Of course the pages will run in a servlet container, and I presume 
> these links will be redirected first to an authorization servlet.
> Has someone did such thing? 
> Is there a place I can find an example? 
> Do I have to redirect manually (editing the xml) all the link to the
> servlet (assuming that I already have a site without the authorization)?
> If I redirect all the link to the servlet, I need also to pass the
> target of the link to the servlet (so he can do forward), does it mean I
> need to add something like "?target_page=<value>" in the links, or is
> there another solution (xmap???)
> 
> Regards,
> Mikael.S
> 

If you are hosting statically generated pages within the servlet, you 
can put use web.xml security to limit access to certain directories. 
This file is not a source file, so it would be placed outside the xdocs 
dir (src/documentation/content/WEB-INF/web.xml).  See 
http://xml.apache.org/forrest/faq.html#link_raw

If you are hosting the site as a dynamic webapp within the servlet, you 
should be able to modify the web.xml in the war file before deploying it.

-- 
Dave Brondsema : dave@brondsema.net
http://www.splike.com : programming
http://csx.calvin.edu : student org
http://www.brondsema.net : personal

Mime
View raw message