Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 37569 invoked from network); 4 Nov 2005 22:47:05 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 4 Nov 2005 22:47:05 -0000 Received: (qmail 49426 invoked by uid 500); 4 Nov 2005 22:46:51 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 49409 invoked by uid 500); 4 Nov 2005 22:46:51 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 49398 invoked by uid 99); 4 Nov 2005 22:46:51 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Nov 2005 14:46:51 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: neutral (asf.osuosl.org: local policy) Received: from [193.252.22.156] (HELO smtp3.freeserve.com) (193.252.22.156) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Nov 2005 14:46:46 -0800 Received: from me-wanadoo.net (localhost [127.0.0.1]) by mwinf3206.me.freeserve.com (SMTP Server) with ESMTP id B0D041C00088 for ; Fri, 4 Nov 2005 23:46:29 +0100 (CET) Received: from [127.0.0.1] (user-2039.lns6-c10.dsl.pol.co.uk [84.68.167.247]) by mwinf3206.me.freeserve.com (SMTP Server) with ESMTP id 8C2A11C0008B for ; Fri, 4 Nov 2005 23:46:29 +0100 (CET) X-ME-UUID: 20051104224629574.8C2A11C0008B@mwinf3206.me.freeserve.com Message-ID: <436BE4C3.8090600@apache.org> Date: Fri, 04 Nov 2005 22:46:27 +0000 From: Mark Thomas User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Is this good flow control? References: <20051104184653.97902.qmail@web51811.mail.yahoo.com> In-Reply-To: <20051104184653.97902.qmail@web51811.mail.yahoo.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Why not just specify the protected pages in your web.xml and let Tomcat do this for you? If that isn't flexible enough, I would do this as a servlet filter. Mark Dola Woolfe wrote: > Hi, > > I'm adding a level of security to my web applicaiton. > Certain pages are only available to certain users. > So the page first checks wither the user is authorized > to view it. If yes, it displays the page. Otherwise it > offers to login. > > I don't want to do this with a (short) "if" and a > (long) "then" so I throw a MyAuthenticationException > and in ErrorPage.jsp have code: if (exception > instanceof MyAuthenticationException) > forward-to-login-page. (This saves me from having a > big "then" block on every page.) > > Is it a good idea to handle flow this way? > > Thanks! > > Dola > > > > __________________________________ > Start your day with Yahoo! - Make it your home page! > http://www.yahoo.com/r/hs > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org