struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ted Husted" <>
Subject Re: [S2] Annotations (was Plugins gone wild!)
Date Wed, 24 Oct 2007 18:52:16 GMT
On 10/23/07, Martin Gilday <> wrote:
> Well I am looking at the Parameter Filter Interceptor
> ( which I
> am proposing we complement by allowing the same thing with annotations.
> Currently we have a wizard like section in one of our sites which we are
> backing with Spring session scope beans.  So the Struts2 Spring plugin
> injects it.  To allow this we have a setMySessionBeanName(), which is
> public.  So a user could call an action with a parameter
> mySessionBeanName.forename and change that value.  You can stop that
> with the filter interceptor by defining mySessionBeanName as a blocked
> parameter name,  I would prefer to mark it @NotAParameter.

Why not @blocked and @allowed for the properties, and @defaultBlock
for the class?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message