Return-Path: Delivered-To: apmail-struts-user-archive@www.apache.org Received: (qmail 24096 invoked from network); 12 Apr 2008 14:14:08 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 12 Apr 2008 14:14:08 -0000 Received: (qmail 61581 invoked by uid 500); 12 Apr 2008 14:13:57 -0000 Delivered-To: apmail-struts-user-archive@struts.apache.org Received: (qmail 61552 invoked by uid 500); 12 Apr 2008 14:13:57 -0000 Mailing-List: contact user-help@struts.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "Struts Users Mailing List" Reply-To: "Struts Users Mailing List" Delivered-To: mailing list user@struts.apache.org Received: (qmail 61541 invoked by uid 99); 12 Apr 2008 14:13:57 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 12 Apr 2008 07:13:57 -0700 X-ASF-Spam-Status: No, hits=4.0 required=10.0 tests=DNS_FROM_OPENWHOIS,FORGED_YAHOO_RCVD,SPF_HELO_PASS,SPF_PASS,WHOIS_MYPRIVREG X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of lists@nabble.com designates 216.139.236.158 as permitted sender) Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 12 Apr 2008 14:13:12 +0000 Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1JkgTs-0003PP-Ow for user@struts.apache.org; Sat, 12 Apr 2008 07:13:24 -0700 Message-ID: <16648714.post@talk.nabble.com> Date: Sat, 12 Apr 2008 07:13:24 -0700 (PDT) From: Guillaume Bilodeau To: user@struts.apache.org Subject: Re: how do i make the tomcat server send a 403 Forbidden response in JSP and in Struts? In-Reply-To: <2609a94e0804101914v4c8a3158u7b8c8d12969a5e3a@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: gbilodeau@yahoo.com References: <2609a94e0804101914v4c8a3158u7b8c8d12969a5e3a@mail.gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org HttpServletResponse.SC_FORBIDDEN is an int value, it should compile. Another option is to use Acegi to manage application security. It allows you to restrict access to URL patterns and/or object methods using user roles. Taking this road is not a trivial undertaking though. http://www.acegisecurity.org/ Cheers, GB ryan webb-2 wrote: > > I am having difficulty with authentication of user levels. > I have to kinds of users "user" and "administrators". > > What we did in mySQL db is make a user table and in it, a "level" column > is > placed containing whether a user is "administrator" or not. > there's no problem with this actually (I just wrote the situation and > setup). > > *Now, I want the server to send a 403 response to non-administrative > personnel accessing some secured places in our site.* > > How can I do this?(Or is this possible? I have no idea actually..) > > I have a userBean.java that contains all user informations from database. > I made this in my execute method in Action class. (Something Like this) > > execute(response, request, form....){ > > UserActionForm uaf = (UserActionForm) form; > > UserBean userbean = new UserBean(); > > * if (userbean.getlevel().equals("user")){ > response.sendError(SC_FORBIDDEN); > } > > * return mapping.findForward....("Sucess"); > } > > this code does not compile..sendError() expects int value. I tried > sendError(403) but doesn't work. > > Any Help is Gladly Appreciated! =) > > God Bless! > Ryan Webb from Philippines > > -- View this message in context: http://www.nabble.com/how-do-i-make-the-tomcat-server-send-a-403-Forbidden-response-in-JSP-and-in-Struts--tp16623879p16648714.html Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscribe@struts.apache.org For additional commands, e-mail: user-help@struts.apache.org