Hello, every action in my webapp extends a BaseAction and call
super.execute(...). I'm taking advantage of this pattern to implement a
security scheme where the Action classes class signature
(com.example.XYZAction) are mapped to security levels. Example:

user X as access to com.example.XYZAction but now com.example.ABCAction.

In the BaseAction i get the permission by looking up the class in the
database:

String currectAction = mapping.getType();


almost everything works fine except if the user has no access i cant
redirect to anywhere from the baseaction getting:

StandardWrapperValve[action]: Servlet.service() for servlet action threw
exception
java.lang.IllegalStateException: Cannot forward after response has been
committed
    at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:324)

event when there's no 'request.getSession' in its code ....


i considered using a servlet filter mapped to the action servlet, but
there i cant get access to the mapping (?)

Any ideas besides changing the security implementation? (OMG nooo)




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to