Panak, how are the menu items going to communicate to your application which item was selected? Obviously, by incoking an Action; if the menu items can invoke the Action, so can a user. There is no such thing as security in this case.
However, if you're asking if you can prevent the JSP files from being directly accesses, put them under WEB-INF and have your Actions forward to them. The user will not be able to go to your JSP pages directly, but only through an Action; but here too the user can access any Action. When you build a menus, use the <logic roles=""> tag to determine if the user is in some role. -- Paul --- Pankaj Gupta <[EMAIL PROTECTED]> wrote: > Hi All, > > I am new to struts and have a basic question. I am making an application > and I want that all the pages should be accessed through the menu items > only.i.e. if a user copies the url in the browser the page should not > get loaded. How can I enforce such a security? > > Another question is how can I selectively disable some menus based on > login roles? > > regards, > Pankaj > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
