tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Wallace <tomca...@rwsoft-online.com>
Subject user's roles verification
Date Mon, 12 Aug 2002 14:43:58 GMT


I've got (i think) Realms working. I need some advice for good
practices...

My original idea (before hearing about realms and such) was to direct
all requests for any resource of my webapp to a servlet that would
verify user roles.

Then I was told here that i would run into a lot of problems if I did
that. And was recomended to check filters and that realms are for this
purpose.

Here is my main question: Using realms, should each jsp verify the role
of the user trying to access it? Or is there a more elegant way to do
it, to keep code in jsp minimum and centralize that task?

The verification will have to happen for each one of the pages in my web
app..

Thank you in advance!



--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message