tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Price <>
Subject Re: INSECURE to rely on sendRedirect (??)
Date Fri, 24 Jan 2003 18:28:21 GMT

Mike Jackson wrote:
> Actually I use a MVC architecture, my controller has a "standard" model for
> doing logins.  So I just change the look for the login page and change the
> configuration file a little and I'm done.  Nearly 100% code reuse (if you
> consider the relatively static login page to be code).  Since my system is
> fast and easy I haven't seen the need to branch out into new things yet.

What happens if someone requests one of your resources directly?

Also, I hear you -- I wasn't going to get into Filters but I read a bit 
about them and the idea is actually pretty simple.  And it seemed 
perfect for this situation, so I just tried it.  I'm pleased.


To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message