I would suggest that a servlet filter is a better choice than depending
on the inclusion of a particular tile.
> -----Original Message-----
> From: Thomas Joseph [mailto:thomas.joseph@kottsoftware.com]
> Sent: Monday, August 07, 2006 2:36 AM
> To: Struts Users Mailing List
> Subject: Re: Browser History by HTTP-REFERER
>
>
> Try this:
> 1. Include a common JSP page (say like the company logo) in
> every other JSP page (using tiles is perfect) that will check
> for a user object (say username or user credential or
> something else) in session that is created only on Login. 2.
> If the object is not found, redirect to the login page.
>
> There can be more streamlined versions of the same logic.
>
> Thanks and Regards,
> Thomas Joseph
>
> Kott Software Pvt. Ltd. | Vallamattom Estate | M.G.Road |
> Cochin-682015 | India
> www.kottsoftware.com
> --------------------------------------------------------------
> ------------------
> This email (including any attachments) is subject to
> copyright, the information in it is confidential, and it is
> legally privileged. Use of this email or of any information
> in it other than by the addressee is unauthorized and
> unlawful. If you are not the intended recipient of the mail,
> kindly intimate the author of the mail and delete the same.
> --------------------------------------------------------------
> ------------------
> It doesn't matter how you were, but rather how you are that
> decides your future. A right attitude will get you to Success.
> ----- Original Message -----
> From: Raghuveer
> To: 'Thomas Joseph'
> Cc: user@struts.apache.org
> Sent: Monday, August 07, 2006 10:54 AM
> Subject: RE: Browser History by HTTP-REFERER
>
>
> Yes ,I am trying to restrict users only after login.
> Like banking applications
> -----Original Message-----
> From: Thomas Joseph [mailto:thomas.joseph@kottsoftware.com]
> Sent: Saturday, August 05, 2006 9:53 AM
> To: Struts Users Mailing List; raghuveerv@infotechsw.com
> Subject: Re: Browser History by HTTP-REFERER
>
>
> Can you please specify in more broad terms, what are you
> trying to do
> (especially with the referrer code)? Are you trying to
> restrict user to
> access pages only after login or something like that?
>
> Thanks and Regards,
> Thomas Joseph
>
> Kott Software Pvt. Ltd. | Vallamattom Estate | M.G.Road |
> Cochin-682015 |
> India
> www.kottsoftware.com
>
> --------------------------------------------------------------
> --------------
> --
> This email (including any attachments) is subject to
> copyright, the
> information in it is confidential, and it is legally
> privileged. Use of this
> email or of any information in it other than by the addressee is
> unauthorized and unlawful. If you are not the intended
> recipient of the
> mail, kindly intimate the author of the mail and delete the same.
>
> --------------------------------------------------------------
> --------------
> --
> It doesn't matter how you were, but rather how you are
> that decides your
> future. A right attitude will get you to Success.
> ----- Original Message -----
> From: Raghuveer
>
>
> In my Struts Web application
> i need to restict the user accessing pages from Browser History.
> When i access any page from Browser History i get
> http-referer=null
>
> So,
> I am checking this by below code on Server side in All
> my execute method
> in
> Struts Action File .
> if(request.getHeader("REFERER")==null){
>
> throw new Exception("Invalid operation");
> }
>
> Is this Correct way of handling ?
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
|