struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <George.Dinwid...@wellsfargo.com>
Subject RE: Browser History by HTTP-REFERER
Date Mon, 07 Aug 2006 18:05:40 GMT
I would suggest that a servlet filter is a better choice than depending
on the inclusion of a particular tile.

> -----Original Message-----
> From: Thomas Joseph [mailto:thomas.joseph@kottsoftware.com] 
> Sent: Monday, August 07, 2006 2:36 AM
> To: Struts Users Mailing List
> Subject: Re: Browser History by HTTP-REFERER
> 
> 
> Try this:
> 1. Include a common JSP page (say like the company logo) in 
> every other JSP page (using tiles is perfect) that will check 
> for a user object (say username or user credential or 
> something else) in session that is created only on Login. 2. 
> If the object is not found, redirect to the login page.
> 
> There can be more streamlined versions of the same logic.
> 
> Thanks and Regards,
> Thomas Joseph 
> 
> Kott Software Pvt. Ltd. | Vallamattom Estate | M.G.Road | 
> Cochin-682015 | India 
> www.kottsoftware.com 
> --------------------------------------------------------------
> ------------------
> This email (including any attachments) is subject to 
> copyright, the information in it is confidential, and it is 
> legally privileged. Use of this email or of any information 
> in it other than by the addressee is unauthorized and 
> unlawful. If you are not the intended recipient of the mail, 
> kindly intimate the author of the mail and delete the same. 
> --------------------------------------------------------------
> ------------------
> It doesn't matter how you were, but rather how you are that 
> decides your future. A right attitude will get you to Success. 
>   ----- Original Message ----- 
>   From: Raghuveer 
>   To: 'Thomas Joseph' 
>   Cc: user@struts.apache.org 
>   Sent: Monday, August 07, 2006 10:54 AM
>   Subject: RE: Browser History by HTTP-REFERER
> 
> 
>   Yes ,I am trying to restrict users only after login.
>   Like banking applications
>     -----Original Message-----
>     From: Thomas Joseph [mailto:thomas.joseph@kottsoftware.com]
>     Sent: Saturday, August 05, 2006 9:53 AM
>     To: Struts Users Mailing List; raghuveerv@infotechsw.com
>     Subject: Re: Browser History by HTTP-REFERER
> 
> 
>     Can you please specify in more broad terms, what are you 
> trying to do
>   (especially with the referrer code)? Are you trying to 
> restrict user to
>   access pages only after login or something like that?
> 
>     Thanks and Regards,
>     Thomas Joseph
> 
>     Kott Software Pvt. Ltd. | Vallamattom Estate | M.G.Road | 
> Cochin-682015 |
>   India
>     www.kottsoftware.com
>   
> --------------------------------------------------------------
> --------------
>   --
>     This email (including any attachments) is subject to 
> copyright, the
>   information in it is confidential, and it is legally 
> privileged. Use of this
>   email or of any information in it other than by the addressee is
>   unauthorized and unlawful. If you are not the intended 
> recipient of the
>   mail, kindly intimate the author of the mail and delete the same.
>   
> --------------------------------------------------------------
> --------------
>   --
>     It doesn't matter how you were, but rather how you are 
> that decides your
>   future. A right attitude will get you to Success.
>       ----- Original Message -----
>       From: Raghuveer
> 
> 
>       In my Struts Web application
>       i need to restict the user accessing pages from Browser History.
>       When i access any page from Browser History i get
>       http-referer=null
> 
>       So,
>       I am checking this by below code on Server side in All 
> my execute method
>   in
>       Struts Action File .
>       if(request.getHeader("REFERER")==null){
> 
>       throw new Exception("Invalid operation");
>         }
> 
>       Is this Correct way of handling ?
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message