struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jagadeesan,Sivakumar" <sivakumar.jagadee...@dhs.state.tx.us>
Subject RE: Control Access
Date Wed, 19 Mar 2003 21:17:54 GMT
There are many ways we could do that

The simplest way is ,
In all actions check whether the User is logged in ( by checking whether
UserBean is present in the Session) . If the user is not logged in direct
him to the Login page . This approach is not that efficient as you have to
have this logic in all the actions.

The better way is,
Use a filter that checks whether the User is logged in . If the User is not
logged in it will redirect to Login Page.

In my application, I have Servlet filter that has two arguments.
1) Login Page Url
2) The pages that need authorization

So my filter will check only for the pages that need authorization and for
other pages it does not check whether the user is logged in.

-- Siva Jagadeesan

-----Original Message-----
From: mahesh kagitha [mailto:mahesh_kagitha@yahoo.com]
Sent: Wednesday, March 19, 2003 3:10 PM
To: Struts Users Mailing List
Subject: RE: Control Access 



Hi Siva,
   My question about navigation of successful/unsuccessful users...If I
directly access  any JSP other than login.jsp, then I should be redirected
to login.jsp , a way of forcing user to authorization.
Thanks 
mahesh.
 
 "Jagadeesan,Sivakumar" <sivakumar.jagadeesan@dhs.state.tx.us> wrote:Hi
Mahesh:

This is pretty simple when using struts.
Have the Login Page to Submit to Login Action.
Configure in the Struts-Config.xml the action mapping for LoginAction as
SUCCESS ---> Index.html
FAILURE ---> Login.jsp

In the Login Action return SUCCESS if the login succeeds or return FAILURE
if the login fails

I am sorry I was in hurry so not able to give any code example. Let me know
if I am not that clear
--Siva

-----Original Message-----
From: mahesh kagitha [mailto:mahesh_kagitha@yahoo.com]
Sent: Wednesday, March 19, 2003 2:49 PM
To: struts-user@jakarta.apache.org
Subject: Control Access 



Can any one please explain the following...

I'm developing an application which has login page(JSP) to access the
application and I should allow only the successfully logged in users to
navigate my application otherwise direct to login page. My question here
is... How can I do that.?



Thanks in Advance.





---------------------------------
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!

---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org



---------------------------------
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!

---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org


Mime
View raw message