Hi,
What is the best approach for the above? I don't use container security - when a user logs in I store a User object in the session and each page should then check that the User is not null before proceding.
You seem to get a real mix of opinions reading about the subject - the Servlet 2.3 specification suggests authenication as a suggested use of Filters and yet my Professional SCWCD Certification book says 'Filters should not rely on session state'.
I understand the Struts approach is sub-class Action and have your check in there - this does force you to have an action for every mapping though.
Thanks, Andy
_________________________________________________________________
Use MSN Messenger to send music and pics to your friends http://www.msn.co.uk/messenger
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
