forrest-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Brondsema <>
Subject Re: Adding authorization on some pages
Date Wed, 21 Apr 2004 13:17:40 GMT
Mikael Sitruk wrote:
> Hi
> I would like to add authorization on some pages, for example when
> someone will click "download" link or the "internal resource" page, the
> user will be able to get these link/pages only if he is authorized to.
> If not, the user will be redirected to the login page or an error page.
> Of course the pages will run in a servlet container, and I presume 
> these links will be redirected first to an authorization servlet.
> Has someone did such thing? 
> Is there a place I can find an example? 
> Do I have to redirect manually (editing the xml) all the link to the
> servlet (assuming that I already have a site without the authorization)?
> If I redirect all the link to the servlet, I need also to pass the
> target of the link to the servlet (so he can do forward), does it mean I
> need to add something like "?target_page=<value>" in the links, or is
> there another solution (xmap???)
> Regards,
> Mikael.S

If you are hosting statically generated pages within the servlet, you 
can put use web.xml security to limit access to certain directories. 
This file is not a source file, so it would be placed outside the xdocs 
dir (src/documentation/content/WEB-INF/web.xml).  See

If you are hosting the site as a dynamic webapp within the servlet, you 
should be able to modify the web.xml in the war file before deploying it.

Dave Brondsema : : programming : student org : personal

View raw message