struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Bilodeau <gbilod...@yahoo.com>
Subject Re: how do i make the tomcat server send a 403 Forbidden response in JSP and in Struts?
Date Sat, 12 Apr 2008 14:13:24 GMT

HttpServletResponse.SC_FORBIDDEN is an int value, it should compile.

Another option is to use Acegi to manage application security.  It allows
you to restrict access to URL patterns and/or object methods using user
roles.  Taking this road is not a trivial undertaking though.

http://www.acegisecurity.org/

Cheers,
GB


ryan webb-2 wrote:
> 
> I am having difficulty with authentication of user levels.
> I have to kinds of users "user" and "administrators".
> 
> What we did in mySQL db is make a user table and in it, a "level" column
> is
> placed containing whether a user is "administrator" or not.
> there's no problem with this actually (I just wrote the situation and
> setup).
> 
> *Now, I want the server to send a 403 response to non-administrative
> personnel accessing some secured places in our site.*
> 
> How can I do this?(Or is this possible? I have no idea actually..)
> 
> I have a userBean.java that contains all user informations from database.
> I made this in my execute method in Action class. (Something Like this)
> 
> execute(response, request, form....){
> 
>     UserActionForm uaf = (UserActionForm) form;
> 
>     UserBean userbean =  new UserBean();
> 
>  *   if (userbean.getlevel().equals("user")){
>         response.sendError(SC_FORBIDDEN);
>     }
> 
> *    return mapping.findForward....("Sucess");
> }
> 
> this code does not compile..sendError() expects int value. I tried
> sendError(403) but doesn't work.
> 
> Any Help is Gladly Appreciated! =)
> 
> God Bless!
> Ryan Webb from Philippines
> 
> 

-- 
View this message in context: http://www.nabble.com/how-do-i-make-the-tomcat-server-send-a-403-Forbidden-response-in-JSP-and-in-Struts--tp16623879p16648714.html
Sent from the Struts - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message