struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kun Niu <haoniu...@gmail.com>
Subject Re: Basic security problem
Date Fri, 16 Apr 2010 02:39:51 GMT
You should check the authentication all by yourself in your action.

Stephane Cosmeur wrote:
> Hello struts users
>
> I have a really basic security problem and i would like to know what is the
> best practice to resolve it.
>
> I have an application with an authentification system and diffrent rights
> for diffrent type of user. To add or remove a link/fonctionnality, we simply
> declarate the element in a <s:if test=..> balise. But the problem is the
> actions are still available by typing URL in bar address.
>
> How can i fix it ?
>
> Regards,
>
>   

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message